drivers/s390/crypto/pkey_api.c

   1 // SPDX-License-Identifier: GPL-2.0
   2 /*
   3  *  pkey device driver
   4  *
   5  *  Copyright IBM Corp. 2017,2019
   6  *  Author(s): Harald Freudenberger
   7  */
   8
   9 #define KMSG_COMPONENT "pkey"
  10 #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
  11
  12 #include <linux/fs.h>
  13 #include <linux/init.h>
  14 #include <linux/miscdevice.h>
  15 #include <linux/module.h>
  16 #include <linux/slab.h>
  17 #include <linux/kallsyms.h>
  18 #include <linux/debugfs.h>
  19 #include <linux/random.h>
  20 #include <linux/cpufeature.h>
  21 #include <asm/zcrypt.h>
  22 #include <asm/cpacf.h>
  23 #include <asm/pkey.h>
  24 #include <crypto/aes.h>
  25
  26 #include "zcrypt_api.h"
  27 #include "zcrypt_ccamisc.h"
  28 #include "zcrypt_ep11misc.h"
  29
  30 MODULE_LICENSE("GPL");
  31 MODULE_AUTHOR("IBM Corporation");
  32 MODULE_DESCRIPTION("s390 protected key interface");
  33
  34 #define KEYBLOBBUFSIZE 8192     /* key buffer size used for internal processing */
  35 #define PROTKEYBLOBBUFSIZE 256  /* protected key buffer size used internal */
  36 #define MAXAPQNSINLIST 64       /* max 64 apqns within a apqn list */
  37
  38 /* mask of available pckmo subfunctions, fetched once at module init */
  39 static cpacf_mask_t pckmo_functions;
  40
  41 /*
  42  * debug feature data and functions
  43  */
  44
  45 static debug_info_t *debug_info;
  46
  47 #define DEBUG_DBG(...)  debug_sprintf_event(debug_info, 6, ##__VA_ARGS__)
  48 #define DEBUG_INFO(...) debug_sprintf_event(debug_info, 5, ##__VA_ARGS__)
  49 #define DEBUG_WARN(...) debug_sprintf_event(debug_info, 4, ##__VA_ARGS__)
  50 #define DEBUG_ERR(...)  debug_sprintf_event(debug_info, 3, ##__VA_ARGS__)
  51
  52 static void __init pkey_debug_init(void)
  53 {
  54         /* 5 arguments per dbf entry (including the format string ptr) */
  55         debug_info = debug_register("pkey", 1, 1, 5 * sizeof(long));
  56         debug_register_view(debug_info, &debug_sprintf_view);
  57         debug_set_level(debug_info, 3);
  58 }
  59
  60 static void __exit pkey_debug_exit(void)
  61 {
  62         debug_unregister(debug_info);
  63 }
  64
  65 /* inside view of a protected key token (only type 0x00 version 0x01) */
  66 struct protaeskeytoken {
  67         u8  type;     /* 0x00 for PAES specific key tokens */
  68         u8  res0[3];
  69         u8  version;  /* should be 0x01 for protected AES key token */
  70         u8  res1[3];
  71         u32 keytype;  /* key type, one of the PKEY_KEYTYPE values */
  72         u32 len;      /* bytes actually stored in protkey[] */
  73         u8  protkey[MAXPROTKEYSIZE]; /* the protected key blob */
  74 } __packed;
  75
  76 /* inside view of a clear key token (type 0x00 version 0x02) */
  77 struct clearaeskeytoken {
  78         u8  type;        /* 0x00 for PAES specific key tokens */
  79         u8  res0[3];
  80         u8  version;     /* 0x02 for clear AES key token */
  81         u8  res1[3];
  82         u32 keytype;     /* key type, one of the PKEY_KEYTYPE values */
  83         u32 len;         /* bytes actually stored in clearkey[] */
  84         u8  clearkey[]; /* clear key value */
  85 } __packed;
  86
  87 /*
  88  * Create a protected key from a clear key value.
  89  */
  90 static int pkey_clr2protkey(u32 keytype,
  91                             const struct pkey_clrkey *clrkey,
  92                             struct pkey_protkey *protkey)
  93 {
  94         long fc;
  95         int keysize;
  96         u8 paramblock[64];
  97
  98         switch (keytype) {
  99         case PKEY_KEYTYPE_AES_128:
 100                 keysize = 16;
 101                 fc = CPACF_PCKMO_ENC_AES_128_KEY;
 102                 break;
 103         case PKEY_KEYTYPE_AES_192:
 104                 keysize = 24;
 105                 fc = CPACF_PCKMO_ENC_AES_192_KEY;
 106                 break;
 107         case PKEY_KEYTYPE_AES_256:
 108                 keysize = 32;
 109                 fc = CPACF_PCKMO_ENC_AES_256_KEY;
 110                 break;
 111         default:
 112                 DEBUG_ERR("%s unknown/unsupported keytype %d\n",
 113                           __func__, keytype);
 114                 return -EINVAL;
 115         }
 116
 117         /*
 118          * Check if the needed pckmo subfunction is available.
 119          * These subfunctions can be enabled/disabled by customers
 120          * in the LPAR profile or may even change on the fly.
 121          */
 122         if (!cpacf_test_func(&pckmo_functions, fc)) {
 123                 DEBUG_ERR("%s pckmo functions not available\n", __func__);
 124                 return -ENODEV;
 125         }
 126
 127         /* prepare param block */
 128         memset(paramblock, 0, sizeof(paramblock));
 129         memcpy(paramblock, clrkey->clrkey, keysize);
 130
 131         /* call the pckmo instruction */
 132         cpacf_pckmo(fc, paramblock);
 133
 134         /* copy created protected key */
 135         protkey->type = keytype;
 136         protkey->len = keysize + 32;
 137         memcpy(protkey->protkey, paramblock, keysize + 32);
 138
 139         return 0;
 140 }
 141
 142 /*
 143  * Find card and transform secure key into protected key.
 144  */
 145 static int pkey_skey2pkey(const u8 *key, struct pkey_protkey *pkey)
 146 {
 147         int rc, verify;
 148         u16 cardnr, domain;
 149         struct keytoken_header *hdr = (struct keytoken_header *)key;
 150
 151         /*
 152          * The cca_xxx2protkey call may fail when a card has been
 153          * addressed where the master key was changed after last fetch
 154          * of the mkvp into the cache. Try 3 times: First witout verify
 155          * then with verify and last round with verify and old master
 156          * key verification pattern match not ignored.
 157          */
 158         for (verify = 0; verify < 3; verify++) {
 159                 rc = cca_findcard(key, &cardnr, &domain, verify);
 160                 if (rc < 0)
 161                         continue;
 162                 if (rc > 0 && verify < 2)
 163                         continue;
 164                 switch (hdr->version) {
 165                 case TOKVER_CCA_AES:
 166                         rc = cca_sec2protkey(cardnr, domain,
 167                                              key, pkey->protkey,
 168                                              &pkey->len, &pkey->type);
 169                         break;
 170                 case TOKVER_CCA_VLSC:
 171                         rc = cca_cipher2protkey(cardnr, domain,
 172                                                 key, pkey->protkey,
 173                                                 &pkey->len, &pkey->type);
 174                         break;
 175                 default:
 176                         return -EINVAL;
 177                 }
 178                 if (rc == 0)
 179                         break;
 180         }
 181
 182         if (rc)
 183                 DEBUG_DBG("%s failed rc=%d\n", __func__, rc);
 184
 185         return rc;
 186 }
 187
 188 /*
 189  * Construct EP11 key with given clear key value.
 190  */
 191 static int pkey_clr2ep11key(const u8 *clrkey, size_t clrkeylen,
 192                             u8 *keybuf, size_t *keybuflen)
 193 {
 194         int i, rc;
 195         u16 card, dom;
 196         u32 nr_apqns, *apqns = NULL;
 197
 198         /* build a list of apqns suitable for ep11 keys with cpacf support */
 199         rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
 200                             ZCRYPT_CEX7, EP11_API_V, NULL);
 201         if (rc)
 202                 goto out;
 203
 204         /* go through the list of apqns and try to bild an ep11 key */
 205         for (rc = -ENODEV, i = 0; i < nr_apqns; i++) {
 206                 card = apqns[i] >> 16;
 207                 dom = apqns[i] & 0xFFFF;
 208                 rc = ep11_clr2keyblob(card, dom, clrkeylen * 8,
 209                                       0, clrkey, keybuf, keybuflen);
 210                 if (rc == 0)
 211                         break;
 212         }
 213
 214 out:
 215         kfree(apqns);
 216         if (rc)
 217                 DEBUG_DBG("%s failed rc=%d\n", __func__, rc);
 218         return rc;
 219 }
 220
 221 /*
 222  * Find card and transform EP11 secure key into protected key.
 223  */
 224 static int pkey_ep11key2pkey(const u8 *key, struct pkey_protkey *pkey)
 225 {
 226         int i, rc;
 227         u16 card, dom;
 228         u32 nr_apqns, *apqns = NULL;
 229         struct ep11keyblob *kb = (struct ep11keyblob *) key;
 230
 231         /* build a list of apqns suitable for this key */
 232         rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
 233                             ZCRYPT_CEX7, EP11_API_V, kb->wkvp);
 234         if (rc)
 235                 goto out;
 236
 237         /* go through the list of apqns and try to derive an pkey */
 238         for (rc = -ENODEV, i = 0; i < nr_apqns; i++) {
 239                 card = apqns[i] >> 16;
 240                 dom = apqns[i] & 0xFFFF;
 241                 pkey->len = sizeof(pkey->protkey);
 242                 rc = ep11_kblob2protkey(card, dom, key, kb->head.len,
 243                                         pkey->protkey, &pkey->len, &pkey->type);
 244                 if (rc == 0)
 245                         break;
 246         }
 247
 248 out:
 249         kfree(apqns);
 250         if (rc)
 251                 DEBUG_DBG("%s failed rc=%d\n", __func__, rc);
 252         return rc;
 253 }
 254
 255 /*
 256  * Verify key and give back some info about the key.
 257  */
 258 static int pkey_verifykey(const struct pkey_seckey *seckey,
 259                           u16 *pcardnr, u16 *pdomain,
 260                           u16 *pkeysize, u32 *pattributes)
 261 {
 262         struct secaeskeytoken *t = (struct secaeskeytoken *) seckey;
 263         u16 cardnr, domain;
 264         int rc;
 265
 266         /* check the secure key for valid AES secure key */
 267         rc = cca_check_secaeskeytoken(debug_info, 3, (u8 *) seckey, 0);
 268         if (rc)
 269                 goto out;
 270         if (pattributes)
 271                 *pattributes = PKEY_VERIFY_ATTR_AES;
 272         if (pkeysize)
 273                 *pkeysize = t->bitsize;
 274
 275         /* try to find a card which can handle this key */
 276         rc = cca_findcard(seckey->seckey, &cardnr, &domain, 1);
 277         if (rc < 0)
 278                 goto out;
 279
 280         if (rc > 0) {
 281                 /* key mkvp matches to old master key mkvp */
 282                 DEBUG_DBG("%s secure key has old mkvp\n", __func__);
 283                 if (pattributes)
 284                         *pattributes |= PKEY_VERIFY_ATTR_OLD_MKVP;
 285                 rc = 0;
 286         }
 287
 288         if (pcardnr)
 289                 *pcardnr = cardnr;
 290         if (pdomain)
 291                 *pdomain = domain;
 292
 293 out:
 294         DEBUG_DBG("%s rc=%d\n", __func__, rc);
 295         return rc;
 296 }
 297
 298 /*
 299  * Generate a random protected key
 300  */
 301 static int pkey_genprotkey(u32 keytype, struct pkey_protkey *protkey)
 302 {
 303         struct pkey_clrkey clrkey;
 304         int keysize;
 305         int rc;
 306
 307         switch (keytype) {
 308         case PKEY_KEYTYPE_AES_128:
 309                 keysize = 16;
 310                 break;
 311         case PKEY_KEYTYPE_AES_192:
 312                 keysize = 24;
 313                 break;
 314         case PKEY_KEYTYPE_AES_256:
 315                 keysize = 32;
 316                 break;
 317         default:
 318                 DEBUG_ERR("%s unknown/unsupported keytype %d\n", __func__,
 319                           keytype);
 320                 return -EINVAL;
 321         }
 322
 323         /* generate a dummy random clear key */
 324         get_random_bytes(clrkey.clrkey, keysize);
 325
 326         /* convert it to a dummy protected key */
 327         rc = pkey_clr2protkey(keytype, &clrkey, protkey);
 328         if (rc)
 329                 return rc;
 330
 331         /* replace the key part of the protected key with random bytes */
 332         get_random_bytes(protkey->protkey, keysize);
 333
 334         return 0;
 335 }
 336
 337 /*
 338  * Verify if a protected key is still valid
 339  */
 340 static int pkey_verifyprotkey(const struct pkey_protkey *protkey)
 341 {
 342         unsigned long fc;
 343         struct {
 344                 u8 iv[AES_BLOCK_SIZE];
 345                 u8 key[MAXPROTKEYSIZE];
 346         } param;
 347         u8 null_msg[AES_BLOCK_SIZE];
 348         u8 dest_buf[AES_BLOCK_SIZE];
 349         unsigned int k;
 350
 351         switch (protkey->type) {
 352         case PKEY_KEYTYPE_AES_128:
 353                 fc = CPACF_KMC_PAES_128;
 354                 break;
 355         case PKEY_KEYTYPE_AES_192:
 356                 fc = CPACF_KMC_PAES_192;
 357                 break;
 358         case PKEY_KEYTYPE_AES_256:
 359                 fc = CPACF_KMC_PAES_256;
 360                 break;
 361         default:
 362                 DEBUG_ERR("%s unknown/unsupported keytype %d\n", __func__,
 363                           protkey->type);
 364                 return -EINVAL;
 365         }
 366
 367         memset(null_msg, 0, sizeof(null_msg));
 368
 369         memset(param.iv, 0, sizeof(param.iv));
 370         memcpy(param.key, protkey->protkey, sizeof(param.key));
 371
 372         k = cpacf_kmc(fc | CPACF_ENCRYPT, &param, null_msg, dest_buf,
 373                       sizeof(null_msg));
 374         if (k != sizeof(null_msg)) {
 375                 DEBUG_ERR("%s protected key is not valid\n", __func__);
 376                 return -EKEYREJECTED;
 377         }
 378
 379         return 0;
 380 }
 381
 382 /*
 383  * Transform a non-CCA key token into a protected key
 384  */
 385 static int pkey_nonccatok2pkey(const u8 *key, u32 keylen,
 386                                struct pkey_protkey *protkey)
 387 {
 388         int rc = -EINVAL;
 389         u8 *tmpbuf = NULL;
 390         struct keytoken_header *hdr = (struct keytoken_header *)key;
 391
 392         switch (hdr->version) {
 393         case TOKVER_PROTECTED_KEY: {
 394                 struct protaeskeytoken *t;
 395
 396                 if (keylen != sizeof(struct protaeskeytoken))
 397                         goto out;
 398                 t = (struct protaeskeytoken *)key;
 399                 protkey->len = t->len;
 400                 protkey->type = t->keytype;
 401                 memcpy(protkey->protkey, t->protkey,
 402                        sizeof(protkey->protkey));
 403                 rc = pkey_verifyprotkey(protkey);
 404                 break;
 405         }
 406         case TOKVER_CLEAR_KEY: {
 407                 struct clearaeskeytoken *t;
 408                 struct pkey_clrkey ckey;
 409                 union u_tmpbuf {
 410                         u8 skey[SECKEYBLOBSIZE];
 411                         u8 ep11key[MAXEP11AESKEYBLOBSIZE];
 412                 };
 413                 size_t tmpbuflen = sizeof(union u_tmpbuf);
 414
 415                 if (keylen < sizeof(struct clearaeskeytoken))
 416                         goto out;
 417                 t = (struct clearaeskeytoken *)key;
 418                 if (keylen != sizeof(*t) + t->len)
 419                         goto out;
 420                 if ((t->keytype == PKEY_KEYTYPE_AES_128 && t->len == 16)
 421                     || (t->keytype == PKEY_KEYTYPE_AES_192 && t->len == 24)
 422                     || (t->keytype == PKEY_KEYTYPE_AES_256 && t->len == 32))
 423                         memcpy(ckey.clrkey, t->clearkey, t->len);
 424                 else
 425                         goto out;
 426                 /* alloc temp key buffer space */
 427                 tmpbuf = kmalloc(tmpbuflen, GFP_ATOMIC);
 428                 if (!tmpbuf) {
 429                         rc = -ENOMEM;
 430                         goto out;
 431                 }
 432                 /* try direct way with the PCKMO instruction */
 433                 rc = pkey_clr2protkey(t->keytype, &ckey, protkey);
 434                 if (rc == 0)
 435                         break;
 436                 /* PCKMO failed, so try the CCA secure key way */
 437                 rc = cca_clr2seckey(0xFFFF, 0xFFFF, t->keytype,
 438                                     ckey.clrkey, tmpbuf);
 439                 if (rc == 0)
 440                         rc = pkey_skey2pkey(tmpbuf, protkey);
 441                 if (rc == 0)
 442                         break;
 443                 /* if the CCA way also failed, let's try via EP11 */
 444                 rc = pkey_clr2ep11key(ckey.clrkey, t->len,
 445                                       tmpbuf, &tmpbuflen);
 446                 if (rc == 0)
 447                         rc = pkey_ep11key2pkey(tmpbuf, protkey);
 448                 /* now we should really have an protected key */
 449                 DEBUG_ERR("%s unable to build protected key from clear",
 450                           __func__);
 451                 break;
 452         }
 453         case TOKVER_EP11_AES: {
 454                 /* check ep11 key for exportable as protected key */
 455                 rc = ep11_check_aes_key(debug_info, 3, key, keylen, 1);
 456                 if (rc)
 457                         goto out;
 458                 rc = pkey_ep11key2pkey(key, protkey);
 459                 break;
 460         }
 461         case TOKVER_EP11_AES_WITH_HEADER:
 462                 /* check ep11 key with header for exportable as protected key */
 463                 rc = ep11_check_aes_key_with_hdr(debug_info, 3, key, keylen, 1);
 464                 if (rc)
 465                         goto out;
 466                 rc = pkey_ep11key2pkey(key + sizeof(struct ep11kblob_header),
 467                                        protkey);
 468                 break;
 469         default:
 470                 DEBUG_ERR("%s unknown/unsupported non-CCA token version %d\n",
 471                           __func__, hdr->version);
 472                 rc = -EINVAL;
 473         }
 474
 475 out:
 476         kfree(tmpbuf);
 477         return rc;
 478 }
 479
 480 /*
 481  * Transform a CCA internal key token into a protected key
 482  */
 483 static int pkey_ccainttok2pkey(const u8 *key, u32 keylen,
 484                                struct pkey_protkey *protkey)
 485 {
 486         struct keytoken_header *hdr = (struct keytoken_header *)key;
 487
 488         switch (hdr->version) {
 489         case TOKVER_CCA_AES:
 490                 if (keylen != sizeof(struct secaeskeytoken))
 491                         return -EINVAL;
 492                 break;
 493         case TOKVER_CCA_VLSC:
 494                 if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE)
 495                         return -EINVAL;
 496                 break;
 497         default:
 498                 DEBUG_ERR("%s unknown/unsupported CCA internal token version %d\n",
 499                           __func__, hdr->version);
 500                 return -EINVAL;
 501         }
 502
 503         return pkey_skey2pkey(key, protkey);
 504 }
 505
 506 /*
 507  * Transform a key blob (of any type) into a protected key
 508  */
 509 int pkey_keyblob2pkey(const u8 *key, u32 keylen,
 510                       struct pkey_protkey *protkey)
 511 {
 512         int rc;
 513         struct keytoken_header *hdr = (struct keytoken_header *)key;
 514
 515         if (keylen < sizeof(struct keytoken_header)) {
 516                 DEBUG_ERR("%s invalid keylen %d\n", __func__, keylen);
 517                 return -EINVAL;
 518         }
 519
 520         switch (hdr->type) {
 521         case TOKTYPE_NON_CCA:
 522                 rc = pkey_nonccatok2pkey(key, keylen, protkey);
 523                 break;
 524         case TOKTYPE_CCA_INTERNAL:
 525                 rc = pkey_ccainttok2pkey(key, keylen, protkey);
 526                 break;
 527         default:
 528                 DEBUG_ERR("%s unknown/unsupported blob type %d\n",
 529                           __func__, hdr->type);
 530                 return -EINVAL;
 531         }
 532
 533         DEBUG_DBG("%s rc=%d\n", __func__, rc);
 534         return rc;
 535
 536 }
 537 EXPORT_SYMBOL(pkey_keyblob2pkey);
 538
 539 static int pkey_genseckey2(const struct pkey_apqn *apqns, size_t nr_apqns,
 540                            enum pkey_key_type ktype, enum pkey_key_size ksize,
 541                            u32 kflags, u8 *keybuf, size_t *keybufsize)
 542 {
 543         int i, card, dom, rc;
 544
 545         /* check for at least one apqn given */
 546         if (!apqns || !nr_apqns)
 547                 return -EINVAL;
 548
 549         /* check key type and size */
 550         switch (ktype) {
 551         case PKEY_TYPE_CCA_DATA:
 552         case PKEY_TYPE_CCA_CIPHER:
 553                 if (*keybufsize < SECKEYBLOBSIZE)
 554                         return -EINVAL;
 555                 break;
 556         case PKEY_TYPE_EP11:
 557                 if (*keybufsize < MINEP11AESKEYBLOBSIZE)
 558                         return -EINVAL;
 559                 break;
 560         default:
 561                 return -EINVAL;
 562         }
 563         switch (ksize) {
 564         case PKEY_SIZE_AES_128:
 565         case PKEY_SIZE_AES_192:
 566         case PKEY_SIZE_AES_256:
 567                 break;
 568         default:
 569                 return -EINVAL;
 570         }
 571
 572         /* simple try all apqns from the list */
 573         for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
 574                 card = apqns[i].card;
 575                 dom = apqns[i].domain;
 576                 if (ktype == PKEY_TYPE_EP11) {
 577                         rc = ep11_genaeskey(card, dom, ksize, kflags,
 578                                             keybuf, keybufsize);
 579                 } else if (ktype == PKEY_TYPE_CCA_DATA) {
 580                         rc = cca_genseckey(card, dom, ksize, keybuf);
 581                         *keybufsize = (rc ? 0 : SECKEYBLOBSIZE);
 582                 } else /* TOKVER_CCA_VLSC */
 583                         rc = cca_gencipherkey(card, dom, ksize, kflags,
 584                                               keybuf, keybufsize);
 585                 if (rc == 0)
 586                         break;
 587         }
 588
 589         return rc;
 590 }
 591
 592 static int pkey_clr2seckey2(const struct pkey_apqn *apqns, size_t nr_apqns,
 593                             enum pkey_key_type ktype, enum pkey_key_size ksize,
 594                             u32 kflags, const u8 *clrkey,
 595                             u8 *keybuf, size_t *keybufsize)
 596 {
 597         int i, card, dom, rc;
 598
 599         /* check for at least one apqn given */
 600         if (!apqns || !nr_apqns)
 601                 return -EINVAL;
 602
 603         /* check key type and size */
 604         switch (ktype) {
 605         case PKEY_TYPE_CCA_DATA:
 606         case PKEY_TYPE_CCA_CIPHER:
 607                 if (*keybufsize < SECKEYBLOBSIZE)
 608                         return -EINVAL;
 609                 break;
 610         case PKEY_TYPE_EP11:
 611                 if (*keybufsize < MINEP11AESKEYBLOBSIZE)
 612                         return -EINVAL;
 613                 break;
 614         default:
 615                 return -EINVAL;
 616         }
 617         switch (ksize) {
 618         case PKEY_SIZE_AES_128:
 619         case PKEY_SIZE_AES_192:
 620         case PKEY_SIZE_AES_256:
 621                 break;
 622         default:
 623                 return -EINVAL;
 624         }
 625
 626         /* simple try all apqns from the list */
 627         for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
 628                 card = apqns[i].card;
 629                 dom = apqns[i].domain;
 630                 if (ktype == PKEY_TYPE_EP11) {
 631                         rc = ep11_clr2keyblob(card, dom, ksize, kflags,
 632                                               clrkey, keybuf, keybufsize);
 633                 } else if (ktype == PKEY_TYPE_CCA_DATA) {
 634                         rc = cca_clr2seckey(card, dom, ksize,
 635                                             clrkey, keybuf);
 636                         *keybufsize = (rc ? 0 : SECKEYBLOBSIZE);
 637                 } else /* TOKVER_CCA_VLSC */
 638                         rc = cca_clr2cipherkey(card, dom, ksize, kflags,
 639                                                clrkey, keybuf, keybufsize);
 640                 if (rc == 0)
 641                         break;
 642         }
 643
 644         return rc;
 645 }
 646
 647 static int pkey_verifykey2(const u8 *key, size_t keylen,
 648                            u16 *cardnr, u16 *domain,
 649                            enum pkey_key_type *ktype,
 650                            enum pkey_key_size *ksize, u32 *flags)
 651 {
 652         int rc;
 653         u32 _nr_apqns, *_apqns = NULL;
 654         struct keytoken_header *hdr = (struct keytoken_header *)key;
 655
 656         if (keylen < sizeof(struct keytoken_header))
 657                 return -EINVAL;
 658
 659         if (hdr->type == TOKTYPE_CCA_INTERNAL
 660             && hdr->version == TOKVER_CCA_AES) {
 661                 struct secaeskeytoken *t = (struct secaeskeytoken *)key;
 662
 663                 rc = cca_check_secaeskeytoken(debug_info, 3, key, 0);
 664                 if (rc)
 665                         goto out;
 666                 if (ktype)
 667                         *ktype = PKEY_TYPE_CCA_DATA;
 668                 if (ksize)
 669                         *ksize = (enum pkey_key_size) t->bitsize;
 670
 671                 rc = cca_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain,
 672                                    ZCRYPT_CEX3C, AES_MK_SET, t->mkvp, 0, 1);
 673                 if (rc == 0 && flags)
 674                         *flags = PKEY_FLAGS_MATCH_CUR_MKVP;
 675                 if (rc == -ENODEV) {
 676                         rc = cca_findcard2(&_apqns, &_nr_apqns,
 677                                            *cardnr, *domain,
 678                                            ZCRYPT_CEX3C, AES_MK_SET,
 679                                            0, t->mkvp, 1);
 680                         if (rc == 0 && flags)
 681                                 *flags = PKEY_FLAGS_MATCH_ALT_MKVP;
 682                 }
 683                 if (rc)
 684                         goto out;
 685
 686                 *cardnr = ((struct pkey_apqn *)_apqns)->card;
 687                 *domain = ((struct pkey_apqn *)_apqns)->domain;
 688
 689         } else if (hdr->type == TOKTYPE_CCA_INTERNAL
 690                    && hdr->version == TOKVER_CCA_VLSC) {
 691                 struct cipherkeytoken *t = (struct cipherkeytoken *)key;
 692
 693                 rc = cca_check_secaescipherkey(debug_info, 3, key, 0, 1);
 694                 if (rc)
 695                         goto out;
 696                 if (ktype)
 697                         *ktype = PKEY_TYPE_CCA_CIPHER;
 698                 if (ksize) {
 699                         *ksize = PKEY_SIZE_UNKNOWN;
 700                         if (!t->plfver && t->wpllen == 512)
 701                                 *ksize = PKEY_SIZE_AES_128;
 702                         else if (!t->plfver && t->wpllen == 576)
 703                                 *ksize = PKEY_SIZE_AES_192;
 704                         else if (!t->plfver && t->wpllen == 640)
 705                                 *ksize = PKEY_SIZE_AES_256;
 706                 }
 707
 708                 rc = cca_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain,
 709                                    ZCRYPT_CEX6, AES_MK_SET, t->mkvp0, 0, 1);
 710                 if (rc == 0 && flags)
 711                         *flags = PKEY_FLAGS_MATCH_CUR_MKVP;
 712                 if (rc == -ENODEV) {
 713                         rc = cca_findcard2(&_apqns, &_nr_apqns,
 714                                            *cardnr, *domain,
 715                                            ZCRYPT_CEX6, AES_MK_SET,
 716                                            0, t->mkvp0, 1);
 717                         if (rc == 0 && flags)
 718                                 *flags = PKEY_FLAGS_MATCH_ALT_MKVP;
 719                 }
 720                 if (rc)
 721                         goto out;
 722
 723                 *cardnr = ((struct pkey_apqn *)_apqns)->card;
 724                 *domain = ((struct pkey_apqn *)_apqns)->domain;
 725
 726         } else if (hdr->type == TOKTYPE_NON_CCA
 727                    && hdr->version == TOKVER_EP11_AES) {
 728                 struct ep11keyblob *kb = (struct ep11keyblob *)key;
 729
 730                 rc = ep11_check_aes_key(debug_info, 3, key, keylen, 1);
 731                 if (rc)
 732                         goto out;
 733                 if (ktype)
 734                         *ktype = PKEY_TYPE_EP11;
 735                 if (ksize)
 736                         *ksize = kb->head.keybitlen;
 737
 738                 rc = ep11_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain,
 739                                     ZCRYPT_CEX7, EP11_API_V, kb->wkvp);
 740                 if (rc)
 741                         goto out;
 742
 743                 if (flags)
 744                         *flags = PKEY_FLAGS_MATCH_CUR_MKVP;
 745
 746                 *cardnr = ((struct pkey_apqn *)_apqns)->card;
 747                 *domain = ((struct pkey_apqn *)_apqns)->domain;
 748
 749         } else
 750                 rc = -EINVAL;
 751
 752 out:
 753         kfree(_apqns);
 754         return rc;
 755 }
 756
 757 static int pkey_keyblob2pkey2(const struct pkey_apqn *apqns, size_t nr_apqns,
 758                               const u8 *key, size_t keylen,
 759                               struct pkey_protkey *pkey)
 760 {
 761         int i, card, dom, rc;
 762         struct keytoken_header *hdr = (struct keytoken_header *)key;
 763
 764         /* check for at least one apqn given */
 765         if (!apqns || !nr_apqns)
 766                 return -EINVAL;
 767
 768         if (keylen < sizeof(struct keytoken_header))
 769                 return -EINVAL;
 770
 771         if (hdr->type == TOKTYPE_CCA_INTERNAL) {
 772                 if (hdr->version == TOKVER_CCA_AES) {
 773                         if (keylen != sizeof(struct secaeskeytoken))
 774                                 return -EINVAL;
 775                         if (cca_check_secaeskeytoken(debug_info, 3, key, 0))
 776                                 return -EINVAL;
 777                 } else if (hdr->version == TOKVER_CCA_VLSC) {
 778                         if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE)
 779                                 return -EINVAL;
 780                         if (cca_check_secaescipherkey(debug_info, 3, key, 0, 1))
 781                                 return -EINVAL;
 782                 } else {
 783                         DEBUG_ERR("%s unknown CCA internal token version %d\n",
 784                                   __func__, hdr->version);
 785                         return -EINVAL;
 786                 }
 787         } else if (hdr->type == TOKTYPE_NON_CCA) {
 788                 if (hdr->version == TOKVER_EP11_AES) {
 789                         if (keylen < sizeof(struct ep11keyblob))
 790                                 return -EINVAL;
 791                         if (ep11_check_aes_key(debug_info, 3, key, keylen, 1))
 792                                 return -EINVAL;
 793                 } else {
 794                         return pkey_nonccatok2pkey(key, keylen, pkey);
 795                 }
 796         } else {
 797                 DEBUG_ERR("%s unknown/unsupported blob type %d\n",
 798                           __func__, hdr->type);
 799                 return -EINVAL;
 800         }
 801
 802         /* simple try all apqns from the list */
 803         for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
 804                 card = apqns[i].card;
 805                 dom = apqns[i].domain;
 806                 if (hdr->type == TOKTYPE_CCA_INTERNAL
 807                     && hdr->version == TOKVER_CCA_AES)
 808                         rc = cca_sec2protkey(card, dom, key, pkey->protkey,
 809                                              &pkey->len, &pkey->type);
 810                 else if (hdr->type == TOKTYPE_CCA_INTERNAL
 811                          && hdr->version == TOKVER_CCA_VLSC)
 812                         rc = cca_cipher2protkey(card, dom, key, pkey->protkey,
 813                                                 &pkey->len, &pkey->type);
 814                 else { /* EP11 AES secure key blob */
 815                         struct ep11keyblob *kb = (struct ep11keyblob *) key;
 816
 817                         pkey->len = sizeof(pkey->protkey);
 818                         rc = ep11_kblob2protkey(card, dom, key, kb->head.len,
 819                                                 pkey->protkey, &pkey->len,
 820                                                 &pkey->type);
 821                 }
 822                 if (rc == 0)
 823                         break;
 824         }
 825
 826         return rc;
 827 }
 828
 829 static int pkey_apqns4key(const u8 *key, size_t keylen, u32 flags,
 830                           struct pkey_apqn *apqns, size_t *nr_apqns)
 831 {
 832         int rc;
 833         u32 _nr_apqns, *_apqns = NULL;
 834         struct keytoken_header *hdr = (struct keytoken_header *)key;
 835
 836         if (keylen < sizeof(struct keytoken_header) || flags == 0)
 837                 return -EINVAL;
 838
 839         if (hdr->type == TOKTYPE_NON_CCA
 840             && (hdr->version == TOKVER_EP11_AES_WITH_HEADER
 841                 || hdr->version == TOKVER_EP11_ECC_WITH_HEADER)
 842             && is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) {
 843                 int minhwtype = 0, api = 0;
 844                 struct ep11keyblob *kb = (struct ep11keyblob *)
 845                         (key + sizeof(struct ep11kblob_header));
 846
 847                 if (flags != PKEY_FLAGS_MATCH_CUR_MKVP)
 848                         return -EINVAL;
 849                 if (kb->attr & EP11_BLOB_PKEY_EXTRACTABLE) {
 850                         minhwtype = ZCRYPT_CEX7;
 851                         api = EP11_API_V;
 852                 }
 853                 rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 854                                     minhwtype, api, kb->wkvp);
 855                 if (rc)
 856                         goto out;
 857         } else if (hdr->type == TOKTYPE_NON_CCA
 858                    && hdr->version == TOKVER_EP11_AES
 859                    && is_ep11_keyblob(key)) {
 860                 int minhwtype = 0, api = 0;
 861                 struct ep11keyblob *kb = (struct ep11keyblob *) key;
 862
 863                 if (flags != PKEY_FLAGS_MATCH_CUR_MKVP)
 864                         return -EINVAL;
 865                 if (kb->attr & EP11_BLOB_PKEY_EXTRACTABLE) {
 866                         minhwtype = ZCRYPT_CEX7;
 867                         api = EP11_API_V;
 868                 }
 869                 rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 870                                     minhwtype, api, kb->wkvp);
 871                 if (rc)
 872                         goto out;
 873         } else if (hdr->type == TOKTYPE_CCA_INTERNAL) {
 874                 int minhwtype = ZCRYPT_CEX3C;
 875                 u64 cur_mkvp = 0, old_mkvp = 0;
 876
 877                 if (hdr->version == TOKVER_CCA_AES) {
 878                         struct secaeskeytoken *t = (struct secaeskeytoken *)key;
 879
 880                         if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
 881                                 cur_mkvp = t->mkvp;
 882                         if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
 883                                 old_mkvp = t->mkvp;
 884                 } else if (hdr->version == TOKVER_CCA_VLSC) {
 885                         struct cipherkeytoken *t = (struct cipherkeytoken *)key;
 886
 887                         minhwtype = ZCRYPT_CEX6;
 888                         if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
 889                                 cur_mkvp = t->mkvp0;
 890                         if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
 891                                 old_mkvp = t->mkvp0;
 892                 } else {
 893                         /* unknown cca internal token type */
 894                         return -EINVAL;
 895                 }
 896                 rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 897                                    minhwtype, AES_MK_SET,
 898                                    cur_mkvp, old_mkvp, 1);
 899                 if (rc)
 900                         goto out;
 901         } else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA) {
 902                 u64 cur_mkvp = 0, old_mkvp = 0;
 903                 struct eccprivkeytoken *t = (struct eccprivkeytoken *)key;
 904
 905                 if (t->secid == 0x20) {
 906                         if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
 907                                 cur_mkvp = t->mkvp;
 908                         if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
 909                                 old_mkvp = t->mkvp;
 910                 } else {
 911                         /* unknown cca internal 2 token type */
 912                         return -EINVAL;
 913                 }
 914                 rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 915                                    ZCRYPT_CEX7, APKA_MK_SET,
 916                                    cur_mkvp, old_mkvp, 1);
 917                 if (rc)
 918                         goto out;
 919         } else
 920                 return -EINVAL;
 921
 922         if (apqns) {
 923                 if (*nr_apqns < _nr_apqns)
 924                         rc = -ENOSPC;
 925                 else
 926                         memcpy(apqns, _apqns, _nr_apqns * sizeof(u32));
 927         }
 928         *nr_apqns = _nr_apqns;
 929
 930 out:
 931         kfree(_apqns);
 932         return rc;
 933 }
 934
 935 static int pkey_apqns4keytype(enum pkey_key_type ktype,
 936                               u8 cur_mkvp[32], u8 alt_mkvp[32], u32 flags,
 937                               struct pkey_apqn *apqns, size_t *nr_apqns)
 938 {
 939         int rc;
 940         u32 _nr_apqns, *_apqns = NULL;
 941
 942         if (ktype == PKEY_TYPE_CCA_DATA || ktype == PKEY_TYPE_CCA_CIPHER) {
 943                 u64 cur_mkvp = 0, old_mkvp = 0;
 944                 int minhwtype = ZCRYPT_CEX3C;
 945
 946                 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
 947                         cur_mkvp = *((u64 *) cur_mkvp);
 948                 if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
 949                         old_mkvp = *((u64 *) alt_mkvp);
 950                 if (ktype == PKEY_TYPE_CCA_CIPHER)
 951                         minhwtype = ZCRYPT_CEX6;
 952                 rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 953                                    minhwtype, AES_MK_SET,
 954                                    cur_mkvp, old_mkvp, 1);
 955                 if (rc)
 956                         goto out;
 957         } else if (ktype == PKEY_TYPE_CCA_ECC) {
 958                 u64 cur_mkvp = 0, old_mkvp = 0;
 959
 960                 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
 961                         cur_mkvp = *((u64 *) cur_mkvp);
 962                 if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
 963                         old_mkvp = *((u64 *) alt_mkvp);
 964                 rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 965                                    ZCRYPT_CEX7, APKA_MK_SET,
 966                                    cur_mkvp, old_mkvp, 1);
 967                 if (rc)
 968                         goto out;
 969
 970         } else if (ktype == PKEY_TYPE_EP11 ||
 971                    ktype == PKEY_TYPE_EP11_AES ||
 972                    ktype == PKEY_TYPE_EP11_ECC) {
 973                 u8 *wkvp = NULL;
 974
 975                 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
 976                         wkvp = cur_mkvp;
 977                 rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 978                                     ZCRYPT_CEX7, EP11_API_V, wkvp);
 979                 if (rc)
 980                         goto out;
 981
 982         } else
 983                 return -EINVAL;
 984
 985         if (apqns) {
 986                 if (*nr_apqns < _nr_apqns)
 987                         rc = -ENOSPC;
 988                 else
 989                         memcpy(apqns, _apqns, _nr_apqns * sizeof(u32));
 990         }
 991         *nr_apqns = _nr_apqns;
 992
 993 out:
 994         kfree(_apqns);
 995         return rc;
 996 }
 997
 998 static int pkey_keyblob2pkey3(const struct pkey_apqn *apqns, size_t nr_apqns,
 999                               const u8 *key, size_t keylen, u32 *protkeytype,
1000                               u8 *protkey, u32 *protkeylen)
1001 {
1002         int i, card, dom, rc;
1003         struct keytoken_header *hdr = (struct keytoken_header *)key;
1004
1005         /* check for at least one apqn given */
1006         if (!apqns || !nr_apqns)
1007                 return -EINVAL;
1008
1009         if (keylen < sizeof(struct keytoken_header))
1010                 return -EINVAL;
1011
1012         if (hdr->type == TOKTYPE_NON_CCA
1013             && hdr->version == TOKVER_EP11_AES_WITH_HEADER
1014             && is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) {
1015                 /* EP11 AES key blob with header */
1016                 if (ep11_check_aes_key_with_hdr(debug_info, 3, key, keylen, 1))
1017                         return -EINVAL;
1018         } else if (hdr->type == TOKTYPE_NON_CCA
1019                    && hdr->version == TOKVER_EP11_ECC_WITH_HEADER
1020                    && is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) {
1021                 /* EP11 ECC key blob with header */
1022                 if (ep11_check_ecc_key_with_hdr(debug_info, 3, key, keylen, 1))
1023                         return -EINVAL;
1024         } else if (hdr->type == TOKTYPE_NON_CCA
1025                    && hdr->version == TOKVER_EP11_AES
1026                    && is_ep11_keyblob(key)) {
1027                 /* EP11 AES key blob with header in session field */
1028                 if (ep11_check_aes_key(debug_info, 3, key, keylen, 1))
1029                         return -EINVAL;
1030         } else  if (hdr->type == TOKTYPE_CCA_INTERNAL) {
1031                 if (hdr->version == TOKVER_CCA_AES) {
1032                         /* CCA AES data key */
1033                         if (keylen != sizeof(struct secaeskeytoken))
1034                                 return -EINVAL;
1035                         if (cca_check_secaeskeytoken(debug_info, 3, key, 0))
1036                                 return -EINVAL;
1037                 } else if (hdr->version == TOKVER_CCA_VLSC) {
1038                         /* CCA AES cipher key */
1039                         if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE)
1040                                 return -EINVAL;
1041                         if (cca_check_secaescipherkey(debug_info, 3, key, 0, 1))
1042                                 return -EINVAL;
1043                 } else {
1044                         DEBUG_ERR("%s unknown CCA internal token version %d\n",
1045                                   __func__, hdr->version);
1046                         return -EINVAL;
1047                 }
1048         } else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA) {
1049                 /* CCA ECC (private) key */
1050                 if (keylen < sizeof(struct eccprivkeytoken))
1051                         return -EINVAL;
1052                 if (cca_check_sececckeytoken(debug_info, 3, key, keylen, 1))
1053                         return -EINVAL;
1054         } else if (hdr->type == TOKTYPE_NON_CCA) {
1055                 struct pkey_protkey pkey;
1056
1057                 rc = pkey_nonccatok2pkey(key, keylen, &pkey);
1058                 if (rc)
1059                         return rc;
1060                 memcpy(protkey, pkey.protkey, pkey.len);
1061                 *protkeylen = pkey.len;
1062                 *protkeytype = pkey.type;
1063                 return 0;
1064         } else {
1065                 DEBUG_ERR("%s unknown/unsupported blob type %d\n",
1066                           __func__, hdr->type);
1067                 return -EINVAL;
1068         }
1069
1070         /* simple try all apqns from the list */
1071         for (rc = -ENODEV, i = 0; rc && i < nr_apqns; i++) {
1072                 card = apqns[i].card;
1073                 dom = apqns[i].domain;
1074                 if (hdr->type == TOKTYPE_NON_CCA
1075                     && (hdr->version == TOKVER_EP11_AES_WITH_HEADER
1076                         || hdr->version == TOKVER_EP11_ECC_WITH_HEADER)
1077                     && is_ep11_keyblob(key + sizeof(struct ep11kblob_header)))
1078                         rc = ep11_kblob2protkey(card, dom, key, hdr->len,
1079                                                 protkey, protkeylen, protkeytype);
1080                 else if (hdr->type == TOKTYPE_NON_CCA
1081                          && hdr->version == TOKVER_EP11_AES
1082                          && is_ep11_keyblob(key))
1083                         rc = ep11_kblob2protkey(card, dom, key, hdr->len,
1084                                                 protkey, protkeylen, protkeytype);
1085                 else if (hdr->type == TOKTYPE_CCA_INTERNAL &&
1086                          hdr->version == TOKVER_CCA_AES)
1087                         rc = cca_sec2protkey(card, dom, key, protkey,
1088                                              protkeylen, protkeytype);
1089                 else if (hdr->type == TOKTYPE_CCA_INTERNAL &&
1090                          hdr->version == TOKVER_CCA_VLSC)
1091                         rc = cca_cipher2protkey(card, dom, key, protkey,
1092                                                 protkeylen, protkeytype);
1093                 else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA)
1094                         rc = cca_ecc2protkey(card, dom, key, protkey,
1095                                              protkeylen, protkeytype);
1096                 else
1097                         return -EINVAL;
1098         }
1099
1100         return rc;
1101 }
1102
1103 /*
1104  * File io functions
1105  */
1106
1107 static void *_copy_key_from_user(void __user *ukey, size_t keylen)
1108 {
1109         if (!ukey || keylen < MINKEYBLOBSIZE || keylen > KEYBLOBBUFSIZE)
1110                 return ERR_PTR(-EINVAL);
1111
1112         return memdup_user(ukey, keylen);
1113 }
1114
1115 static void *_copy_apqns_from_user(void __user *uapqns, size_t nr_apqns)
1116 {
1117         if (!uapqns || nr_apqns == 0)
1118                 return NULL;
1119
1120         return memdup_user(uapqns, nr_apqns * sizeof(struct pkey_apqn));
1121 }
1122
1123 static long pkey_unlocked_ioctl(struct file *filp, unsigned int cmd,
1124                                 unsigned long arg)
1125 {
1126         int rc;
1127
1128         switch (cmd) {
1129         case PKEY_GENSECK: {
1130                 struct pkey_genseck __user *ugs = (void __user *) arg;
1131                 struct pkey_genseck kgs;
1132
1133                 if (copy_from_user(&kgs, ugs, sizeof(kgs)))
1134                         return -EFAULT;
1135                 rc = cca_genseckey(kgs.cardnr, kgs.domain,
1136                                    kgs.keytype, kgs.seckey.seckey);
1137                 DEBUG_DBG("%s cca_genseckey()=%d\n", __func__, rc);
1138                 if (rc)
1139                         break;
1140                 if (copy_to_user(ugs, &kgs, sizeof(kgs)))
1141                         return -EFAULT;
1142                 break;
1143         }
1144         case PKEY_CLR2SECK: {
1145                 struct pkey_clr2seck __user *ucs = (void __user *) arg;
1146                 struct pkey_clr2seck kcs;
1147
1148                 if (copy_from_user(&kcs, ucs, sizeof(kcs)))
1149                         return -EFAULT;
1150                 rc = cca_clr2seckey(kcs.cardnr, kcs.domain, kcs.keytype,
1151                                     kcs.clrkey.clrkey, kcs.seckey.seckey);
1152                 DEBUG_DBG("%s cca_clr2seckey()=%d\n", __func__, rc);
1153                 if (rc)
1154                         break;
1155                 if (copy_to_user(ucs, &kcs, sizeof(kcs)))
1156                         return -EFAULT;
1157                 memzero_explicit(&kcs, sizeof(kcs));
1158                 break;
1159         }
1160         case PKEY_SEC2PROTK: {
1161                 struct pkey_sec2protk __user *usp = (void __user *) arg;
1162                 struct pkey_sec2protk ksp;
1163
1164                 if (copy_from_user(&ksp, usp, sizeof(ksp)))
1165                         return -EFAULT;
1166                 rc = cca_sec2protkey(ksp.cardnr, ksp.domain,
1167                                      ksp.seckey.seckey, ksp.protkey.protkey,
1168                                      &ksp.protkey.len, &ksp.protkey.type);
1169                 DEBUG_DBG("%s cca_sec2protkey()=%d\n", __func__, rc);
1170                 if (rc)
1171                         break;
1172                 if (copy_to_user(usp, &ksp, sizeof(ksp)))
1173                         return -EFAULT;
1174                 break;
1175         }
1176         case PKEY_CLR2PROTK: {
1177                 struct pkey_clr2protk __user *ucp = (void __user *) arg;
1178                 struct pkey_clr2protk kcp;
1179
1180                 if (copy_from_user(&kcp, ucp, sizeof(kcp)))
1181                         return -EFAULT;
1182                 rc = pkey_clr2protkey(kcp.keytype,
1183                                       &kcp.clrkey, &kcp.protkey);
1184                 DEBUG_DBG("%s pkey_clr2protkey()=%d\n", __func__, rc);
1185                 if (rc)
1186                         break;
1187                 if (copy_to_user(ucp, &kcp, sizeof(kcp)))
1188                         return -EFAULT;
1189                 memzero_explicit(&kcp, sizeof(kcp));
1190                 break;
1191         }
1192         case PKEY_FINDCARD: {
1193                 struct pkey_findcard __user *ufc = (void __user *) arg;
1194                 struct pkey_findcard kfc;
1195
1196                 if (copy_from_user(&kfc, ufc, sizeof(kfc)))
1197                         return -EFAULT;
1198                 rc = cca_findcard(kfc.seckey.seckey,
1199                                   &kfc.cardnr, &kfc.domain, 1);
1200                 DEBUG_DBG("%s cca_findcard()=%d\n", __func__, rc);
1201                 if (rc < 0)
1202                         break;
1203                 if (copy_to_user(ufc, &kfc, sizeof(kfc)))
1204                         return -EFAULT;
1205                 break;
1206         }
1207         case PKEY_SKEY2PKEY: {
1208                 struct pkey_skey2pkey __user *usp = (void __user *) arg;
1209                 struct pkey_skey2pkey ksp;
1210
1211                 if (copy_from_user(&ksp, usp, sizeof(ksp)))
1212                         return -EFAULT;
1213                 rc = pkey_skey2pkey(ksp.seckey.seckey, &ksp.protkey);
1214                 DEBUG_DBG("%s pkey_skey2pkey()=%d\n", __func__, rc);
1215                 if (rc)
1216                         break;
1217                 if (copy_to_user(usp, &ksp, sizeof(ksp)))
1218                         return -EFAULT;
1219                 break;
1220         }
1221         case PKEY_VERIFYKEY: {
1222                 struct pkey_verifykey __user *uvk = (void __user *) arg;
1223                 struct pkey_verifykey kvk;
1224
1225                 if (copy_from_user(&kvk, uvk, sizeof(kvk)))
1226                         return -EFAULT;
1227                 rc = pkey_verifykey(&kvk.seckey, &kvk.cardnr, &kvk.domain,
1228                                     &kvk.keysize, &kvk.attributes);
1229                 DEBUG_DBG("%s pkey_verifykey()=%d\n", __func__, rc);
1230                 if (rc)
1231                         break;
1232                 if (copy_to_user(uvk, &kvk, sizeof(kvk)))
1233                         return -EFAULT;
1234                 break;
1235         }
1236         case PKEY_GENPROTK: {
1237                 struct pkey_genprotk __user *ugp = (void __user *) arg;
1238                 struct pkey_genprotk kgp;
1239
1240                 if (copy_from_user(&kgp, ugp, sizeof(kgp)))
1241                         return -EFAULT;
1242                 rc = pkey_genprotkey(kgp.keytype, &kgp.protkey);
1243                 DEBUG_DBG("%s pkey_genprotkey()=%d\n", __func__, rc);
1244                 if (rc)
1245                         break;
1246                 if (copy_to_user(ugp, &kgp, sizeof(kgp)))
1247                         return -EFAULT;
1248                 break;
1249         }
1250         case PKEY_VERIFYPROTK: {
1251                 struct pkey_verifyprotk __user *uvp = (void __user *) arg;
1252                 struct pkey_verifyprotk kvp;
1253
1254                 if (copy_from_user(&kvp, uvp, sizeof(kvp)))
1255                         return -EFAULT;
1256                 rc = pkey_verifyprotkey(&kvp.protkey);
1257                 DEBUG_DBG("%s pkey_verifyprotkey()=%d\n", __func__, rc);
1258                 break;
1259         }
1260         case PKEY_KBLOB2PROTK: {
1261                 struct pkey_kblob2pkey __user *utp = (void __user *) arg;
1262                 struct pkey_kblob2pkey ktp;
1263                 u8 *kkey;
1264
1265                 if (copy_from_user(&ktp, utp, sizeof(ktp)))
1266                         return -EFAULT;
1267                 kkey = _copy_key_from_user(ktp.key, ktp.keylen);
1268                 if (IS_ERR(kkey))
1269                         return PTR_ERR(kkey);
1270                 rc = pkey_keyblob2pkey(kkey, ktp.keylen, &ktp.protkey);
1271                 DEBUG_DBG("%s pkey_keyblob2pkey()=%d\n", __func__, rc);
1272                 kfree(kkey);
1273                 if (rc)
1274                         break;
1275                 if (copy_to_user(utp, &ktp, sizeof(ktp)))
1276                         return -EFAULT;
1277                 break;
1278         }
1279         case PKEY_GENSECK2: {
1280                 struct pkey_genseck2 __user *ugs = (void __user *) arg;
1281                 struct pkey_genseck2 kgs;
1282                 struct pkey_apqn *apqns;
1283                 size_t klen = KEYBLOBBUFSIZE;
1284                 u8 *kkey;
1285
1286                 if (copy_from_user(&kgs, ugs, sizeof(kgs)))
1287                         return -EFAULT;
1288                 apqns = _copy_apqns_from_user(kgs.apqns, kgs.apqn_entries);
1289                 if (IS_ERR(apqns))
1290                         return PTR_ERR(apqns);
1291                 kkey = kmalloc(klen, GFP_KERNEL);
1292                 if (!kkey) {
1293                         kfree(apqns);
1294                         return -ENOMEM;
1295                 }
1296                 rc = pkey_genseckey2(apqns, kgs.apqn_entries,
1297                                      kgs.type, kgs.size, kgs.keygenflags,
1298                                      kkey, &klen);
1299                 DEBUG_DBG("%s pkey_genseckey2()=%d\n", __func__, rc);
1300                 kfree(apqns);
1301                 if (rc) {
1302                         kfree(kkey);
1303                         break;
1304                 }
1305                 if (kgs.key) {
1306                         if (kgs.keylen < klen) {
1307                                 kfree(kkey);
1308                                 return -EINVAL;
1309                         }
1310                         if (copy_to_user(kgs.key, kkey, klen)) {
1311                                 kfree(kkey);
1312                                 return -EFAULT;
1313                         }
1314                 }
1315                 kgs.keylen = klen;
1316                 if (copy_to_user(ugs, &kgs, sizeof(kgs)))
1317                         rc = -EFAULT;
1318                 kfree(kkey);
1319                 break;
1320         }
1321         case PKEY_CLR2SECK2: {
1322                 struct pkey_clr2seck2 __user *ucs = (void __user *) arg;
1323                 struct pkey_clr2seck2 kcs;
1324                 struct pkey_apqn *apqns;
1325                 size_t klen = KEYBLOBBUFSIZE;
1326                 u8 *kkey;
1327
1328                 if (copy_from_user(&kcs, ucs, sizeof(kcs)))
1329                         return -EFAULT;
1330                 apqns = _copy_apqns_from_user(kcs.apqns, kcs.apqn_entries);
1331                 if (IS_ERR(apqns))
1332                         return PTR_ERR(apqns);
1333                 kkey = kmalloc(klen, GFP_KERNEL);
1334                 if (!kkey) {
1335                         kfree(apqns);
1336                         return -ENOMEM;
1337                 }
1338                 rc = pkey_clr2seckey2(apqns, kcs.apqn_entries,
1339                                       kcs.type, kcs.size, kcs.keygenflags,
1340                                       kcs.clrkey.clrkey, kkey, &klen);
1341                 DEBUG_DBG("%s pkey_clr2seckey2()=%d\n", __func__, rc);
1342                 kfree(apqns);
1343                 if (rc) {
1344                         kfree(kkey);
1345                         break;
1346                 }
1347                 if (kcs.key) {
1348                         if (kcs.keylen < klen) {
1349                                 kfree(kkey);
1350                                 return -EINVAL;
1351                         }
1352                         if (copy_to_user(kcs.key, kkey, klen)) {
1353                                 kfree(kkey);
1354                                 return -EFAULT;
1355                         }
1356                 }
1357                 kcs.keylen = klen;
1358                 if (copy_to_user(ucs, &kcs, sizeof(kcs)))
1359                         rc = -EFAULT;
1360                 memzero_explicit(&kcs, sizeof(kcs));
1361                 kfree(kkey);
1362                 break;
1363         }
1364         case PKEY_VERIFYKEY2: {
1365                 struct pkey_verifykey2 __user *uvk = (void __user *) arg;
1366                 struct pkey_verifykey2 kvk;
1367                 u8 *kkey;
1368
1369                 if (copy_from_user(&kvk, uvk, sizeof(kvk)))
1370                         return -EFAULT;
1371                 kkey = _copy_key_from_user(kvk.key, kvk.keylen);
1372                 if (IS_ERR(kkey))
1373                         return PTR_ERR(kkey);
1374                 rc = pkey_verifykey2(kkey, kvk.keylen,
1375                                      &kvk.cardnr, &kvk.domain,
1376                                      &kvk.type, &kvk.size, &kvk.flags);
1377                 DEBUG_DBG("%s pkey_verifykey2()=%d\n", __func__, rc);
1378                 kfree(kkey);
1379                 if (rc)
1380                         break;
1381                 if (copy_to_user(uvk, &kvk, sizeof(kvk)))
1382                         return -EFAULT;
1383                 break;
1384         }
1385         case PKEY_KBLOB2PROTK2: {
1386                 struct pkey_kblob2pkey2 __user *utp = (void __user *) arg;
1387                 struct pkey_kblob2pkey2 ktp;
1388                 struct pkey_apqn *apqns = NULL;
1389                 u8 *kkey;
1390
1391                 if (copy_from_user(&ktp, utp, sizeof(ktp)))
1392                         return -EFAULT;
1393                 apqns = _copy_apqns_from_user(ktp.apqns, ktp.apqn_entries);
1394                 if (IS_ERR(apqns))
1395                         return PTR_ERR(apqns);
1396                 kkey = _copy_key_from_user(ktp.key, ktp.keylen);
1397                 if (IS_ERR(kkey)) {
1398                         kfree(apqns);
1399                         return PTR_ERR(kkey);
1400                 }
1401                 rc = pkey_keyblob2pkey2(apqns, ktp.apqn_entries,
1402                                         kkey, ktp.keylen, &ktp.protkey);
1403                 DEBUG_DBG("%s pkey_keyblob2pkey2()=%d\n", __func__, rc);
1404                 kfree(apqns);
1405                 kfree(kkey);
1406                 if (rc)
1407                         break;
1408                 if (copy_to_user(utp, &ktp, sizeof(ktp)))
1409                         return -EFAULT;
1410                 break;
1411         }
1412         case PKEY_APQNS4K: {
1413                 struct pkey_apqns4key __user *uak = (void __user *) arg;
1414                 struct pkey_apqns4key kak;
1415                 struct pkey_apqn *apqns = NULL;
1416                 size_t nr_apqns, len;
1417                 u8 *kkey;
1418
1419                 if (copy_from_user(&kak, uak, sizeof(kak)))
1420                         return -EFAULT;
1421                 nr_apqns = kak.apqn_entries;
1422                 if (nr_apqns) {
1423                         apqns = kmalloc_array(nr_apqns,
1424                                               sizeof(struct pkey_apqn),
1425                                               GFP_KERNEL);
1426                         if (!apqns)
1427                                 return -ENOMEM;
1428                 }
1429                 kkey = _copy_key_from_user(kak.key, kak.keylen);
1430                 if (IS_ERR(kkey)) {
1431                         kfree(apqns);
1432                         return PTR_ERR(kkey);
1433                 }
1434                 rc = pkey_apqns4key(kkey, kak.keylen, kak.flags,
1435                                     apqns, &nr_apqns);
1436                 DEBUG_DBG("%s pkey_apqns4key()=%d\n", __func__, rc);
1437                 kfree(kkey);
1438                 if (rc && rc != -ENOSPC) {
1439                         kfree(apqns);
1440                         break;
1441                 }
1442                 if (!rc && kak.apqns) {
1443                         if (nr_apqns > kak.apqn_entries) {
1444                                 kfree(apqns);
1445                                 return -EINVAL;
1446                         }
1447                         len = nr_apqns * sizeof(struct pkey_apqn);
1448                         if (len) {
1449                                 if (copy_to_user(kak.apqns, apqns, len)) {
1450                                         kfree(apqns);
1451                                         return -EFAULT;
1452                                 }
1453                         }
1454                 }
1455                 kak.apqn_entries = nr_apqns;
1456                 if (copy_to_user(uak, &kak, sizeof(kak)))
1457                         rc = -EFAULT;
1458                 kfree(apqns);
1459                 break;
1460         }
1461         case PKEY_APQNS4KT: {
1462                 struct pkey_apqns4keytype __user *uat = (void __user *) arg;
1463                 struct pkey_apqns4keytype kat;
1464                 struct pkey_apqn *apqns = NULL;
1465                 size_t nr_apqns, len;
1466
1467                 if (copy_from_user(&kat, uat, sizeof(kat)))
1468                         return -EFAULT;
1469                 nr_apqns = kat.apqn_entries;
1470                 if (nr_apqns) {
1471                         apqns = kmalloc_array(nr_apqns,
1472                                               sizeof(struct pkey_apqn),
1473                                               GFP_KERNEL);
1474                         if (!apqns)
1475                                 return -ENOMEM;
1476                 }
1477                 rc = pkey_apqns4keytype(kat.type, kat.cur_mkvp, kat.alt_mkvp,
1478                                         kat.flags, apqns, &nr_apqns);
1479                 DEBUG_DBG("%s pkey_apqns4keytype()=%d\n", __func__, rc);
1480                 if (rc && rc != -ENOSPC) {
1481                         kfree(apqns);
1482                         break;
1483                 }
1484                 if (!rc && kat.apqns) {
1485                         if (nr_apqns > kat.apqn_entries) {
1486                                 kfree(apqns);
1487                                 return -EINVAL;
1488                         }
1489                         len = nr_apqns * sizeof(struct pkey_apqn);
1490                         if (len) {
1491                                 if (copy_to_user(kat.apqns, apqns, len)) {
1492                                         kfree(apqns);
1493                                         return -EFAULT;
1494                                 }
1495                         }
1496                 }
1497                 kat.apqn_entries = nr_apqns;
1498                 if (copy_to_user(uat, &kat, sizeof(kat)))
1499                         rc = -EFAULT;
1500                 kfree(apqns);
1501                 break;
1502         }
1503         case PKEY_KBLOB2PROTK3: {
1504                 struct pkey_kblob2pkey3 __user *utp = (void __user *) arg;
1505                 struct pkey_kblob2pkey3 ktp;
1506                 struct pkey_apqn *apqns = NULL;
1507                 u32 protkeylen = PROTKEYBLOBBUFSIZE;
1508                 u8 *kkey, *protkey;
1509
1510                 if (copy_from_user(&ktp, utp, sizeof(ktp)))
1511                         return -EFAULT;
1512                 apqns = _copy_apqns_from_user(ktp.apqns, ktp.apqn_entries);
1513                 if (IS_ERR(apqns))
1514                         return PTR_ERR(apqns);
1515                 kkey = _copy_key_from_user(ktp.key, ktp.keylen);
1516                 if (IS_ERR(kkey)) {
1517                         kfree(apqns);
1518                         return PTR_ERR(kkey);
1519                 }
1520                 protkey = kmalloc(protkeylen, GFP_KERNEL);
1521                 if (!protkey) {
1522                         kfree(apqns);
1523                         kfree(kkey);
1524                         return -ENOMEM;
1525                 }
1526                 rc = pkey_keyblob2pkey3(apqns, ktp.apqn_entries, kkey,
1527                                         ktp.keylen, &ktp.pkeytype,
1528                                         protkey, &protkeylen);
1529                 DEBUG_DBG("%s pkey_keyblob2pkey3()=%d\n", __func__, rc);
1530                 kfree(apqns);
1531                 kfree(kkey);
1532                 if (rc) {
1533                         kfree(protkey);
1534                         break;
1535                 }
1536                 if (ktp.pkey && ktp.pkeylen) {
1537                         if (protkeylen > ktp.pkeylen) {
1538                                 kfree(protkey);
1539                                 return -EINVAL;
1540                         }
1541                         if (copy_to_user(ktp.pkey, protkey, protkeylen)) {
1542                                 kfree(protkey);
1543                                 return -EFAULT;
1544                         }
1545                 }
1546                 kfree(protkey);
1547                 ktp.pkeylen = protkeylen;
1548                 if (copy_to_user(utp, &ktp, sizeof(ktp)))
1549                         return -EFAULT;
1550                 break;
1551         }
1552         default:
1553                 /* unknown/unsupported ioctl cmd */
1554                 return -ENOTTY;
1555         }
1556
1557         return rc;
1558 }
1559
1560 /*
1561  * Sysfs and file io operations
1562  */
1563
1564 /*
1565  * Sysfs attribute read function for all protected key binary attributes.
1566  * The implementation can not deal with partial reads, because a new random
1567  * protected key blob is generated with each read. In case of partial reads
1568  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
1569  */
1570 static ssize_t pkey_protkey_aes_attr_read(u32 keytype, bool is_xts, char *buf,
1571                                           loff_t off, size_t count)
1572 {
1573         struct protaeskeytoken protkeytoken;
1574         struct pkey_protkey protkey;
1575         int rc;
1576
1577         if (off != 0 || count < sizeof(protkeytoken))
1578                 return -EINVAL;
1579         if (is_xts)
1580                 if (count < 2 * sizeof(protkeytoken))
1581                         return -EINVAL;
1582
1583         memset(&protkeytoken, 0, sizeof(protkeytoken));
1584         protkeytoken.type = TOKTYPE_NON_CCA;
1585         protkeytoken.version = TOKVER_PROTECTED_KEY;
1586         protkeytoken.keytype = keytype;
1587
1588         rc = pkey_genprotkey(protkeytoken.keytype, &protkey);
1589         if (rc)
1590                 return rc;
1591
1592         protkeytoken.len = protkey.len;
1593         memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len);
1594
1595         memcpy(buf, &protkeytoken, sizeof(protkeytoken));
1596
1597         if (is_xts) {
1598                 rc = pkey_genprotkey(protkeytoken.keytype, &protkey);
1599                 if (rc)
1600                         return rc;
1601
1602                 protkeytoken.len = protkey.len;
1603                 memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len);
1604
1605                 memcpy(buf + sizeof(protkeytoken), &protkeytoken,
1606                        sizeof(protkeytoken));
1607
1608                 return 2 * sizeof(protkeytoken);
1609         }
1610
1611         return sizeof(protkeytoken);
1612 }
1613
1614 static ssize_t protkey_aes_128_read(struct file *filp,
1615                                     struct kobject *kobj,
1616                                     struct bin_attribute *attr,
1617                                     char *buf, loff_t off,
1618                                     size_t count)
1619 {
1620         return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf,
1621                                           off, count);
1622 }
1623
1624 static ssize_t protkey_aes_192_read(struct file *filp,
1625                                     struct kobject *kobj,
1626                                     struct bin_attribute *attr,
1627                                     char *buf, loff_t off,
1628                                     size_t count)
1629 {
1630         return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf,
1631                                           off, count);
1632 }
1633
1634 static ssize_t protkey_aes_256_read(struct file *filp,
1635                                     struct kobject *kobj,
1636                                     struct bin_attribute *attr,
1637                                     char *buf, loff_t off,
1638                                     size_t count)
1639 {
1640         return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf,
1641                                           off, count);
1642 }
1643
1644 static ssize_t protkey_aes_128_xts_read(struct file *filp,
1645                                         struct kobject *kobj,
1646                                         struct bin_attribute *attr,
1647                                         char *buf, loff_t off,
1648                                         size_t count)
1649 {
1650         return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf,
1651                                           off, count);
1652 }
1653
1654 static ssize_t protkey_aes_256_xts_read(struct file *filp,
1655                                         struct kobject *kobj,
1656                                         struct bin_attribute *attr,
1657                                         char *buf, loff_t off,
1658                                         size_t count)
1659 {
1660         return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf,
1661                                           off, count);
1662 }
1663
1664 static BIN_ATTR_RO(protkey_aes_128, sizeof(struct protaeskeytoken));
1665 static BIN_ATTR_RO(protkey_aes_192, sizeof(struct protaeskeytoken));
1666 static BIN_ATTR_RO(protkey_aes_256, sizeof(struct protaeskeytoken));
1667 static BIN_ATTR_RO(protkey_aes_128_xts, 2 * sizeof(struct protaeskeytoken));
1668 static BIN_ATTR_RO(protkey_aes_256_xts, 2 * sizeof(struct protaeskeytoken));
1669
1670 static struct bin_attribute *protkey_attrs[] = {
1671         &bin_attr_protkey_aes_128,
1672         &bin_attr_protkey_aes_192,
1673         &bin_attr_protkey_aes_256,
1674         &bin_attr_protkey_aes_128_xts,
1675         &bin_attr_protkey_aes_256_xts,
1676         NULL
1677 };
1678
1679 static struct attribute_group protkey_attr_group = {
1680         .name      = "protkey",
1681         .bin_attrs = protkey_attrs,
1682 };
1683
1684 /*
1685  * Sysfs attribute read function for all secure key ccadata binary attributes.
1686  * The implementation can not deal with partial reads, because a new random
1687  * protected key blob is generated with each read. In case of partial reads
1688  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
1689  */
1690 static ssize_t pkey_ccadata_aes_attr_read(u32 keytype, bool is_xts, char *buf,
1691                                           loff_t off, size_t count)
1692 {
1693         int rc;
1694         struct pkey_seckey *seckey = (struct pkey_seckey *) buf;
1695
1696         if (off != 0 || count < sizeof(struct secaeskeytoken))
1697                 return -EINVAL;
1698         if (is_xts)
1699                 if (count < 2 * sizeof(struct secaeskeytoken))
1700                         return -EINVAL;
1701
1702         rc = cca_genseckey(-1, -1, keytype, seckey->seckey);
1703         if (rc)
1704                 return rc;
1705
1706         if (is_xts) {
1707                 seckey++;
1708                 rc = cca_genseckey(-1, -1, keytype, seckey->seckey);
1709                 if (rc)
1710                         return rc;
1711
1712                 return 2 * sizeof(struct secaeskeytoken);
1713         }
1714
1715         return sizeof(struct secaeskeytoken);
1716 }
1717
1718 static ssize_t ccadata_aes_128_read(struct file *filp,
1719                                     struct kobject *kobj,
1720                                     struct bin_attribute *attr,
1721                                     char *buf, loff_t off,
1722                                     size_t count)
1723 {
1724         return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf,
1725                                           off, count);
1726 }
1727
1728 static ssize_t ccadata_aes_192_read(struct file *filp,
1729                                     struct kobject *kobj,
1730                                     struct bin_attribute *attr,
1731                                     char *buf, loff_t off,
1732                                     size_t count)
1733 {
1734         return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf,
1735                                           off, count);
1736 }
1737
1738 static ssize_t ccadata_aes_256_read(struct file *filp,
1739                                     struct kobject *kobj,
1740                                     struct bin_attribute *attr,
1741                                     char *buf, loff_t off,
1742                                     size_t count)
1743 {
1744         return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf,
1745                                           off, count);
1746 }
1747
1748 static ssize_t ccadata_aes_128_xts_read(struct file *filp,
1749                                         struct kobject *kobj,
1750                                         struct bin_attribute *attr,
1751                                         char *buf, loff_t off,
1752                                         size_t count)
1753 {
1754         return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf,
1755                                           off, count);
1756 }
1757
1758 static ssize_t ccadata_aes_256_xts_read(struct file *filp,
1759                                         struct kobject *kobj,
1760                                         struct bin_attribute *attr,
1761                                         char *buf, loff_t off,
1762                                         size_t count)
1763 {
1764         return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf,
1765                                           off, count);
1766 }
1767
1768 static BIN_ATTR_RO(ccadata_aes_128, sizeof(struct secaeskeytoken));
1769 static BIN_ATTR_RO(ccadata_aes_192, sizeof(struct secaeskeytoken));
1770 static BIN_ATTR_RO(ccadata_aes_256, sizeof(struct secaeskeytoken));
1771 static BIN_ATTR_RO(ccadata_aes_128_xts, 2 * sizeof(struct secaeskeytoken));
1772 static BIN_ATTR_RO(ccadata_aes_256_xts, 2 * sizeof(struct secaeskeytoken));
1773
1774 static struct bin_attribute *ccadata_attrs[] = {
1775         &bin_attr_ccadata_aes_128,
1776         &bin_attr_ccadata_aes_192,
1777         &bin_attr_ccadata_aes_256,
1778         &bin_attr_ccadata_aes_128_xts,
1779         &bin_attr_ccadata_aes_256_xts,
1780         NULL
1781 };
1782
1783 static struct attribute_group ccadata_attr_group = {
1784         .name      = "ccadata",
1785         .bin_attrs = ccadata_attrs,
1786 };
1787
1788 #define CCACIPHERTOKENSIZE      (sizeof(struct cipherkeytoken) + 80)
1789
1790 /*
1791  * Sysfs attribute read function for all secure key ccacipher binary attributes.
1792  * The implementation can not deal with partial reads, because a new random
1793  * secure key blob is generated with each read. In case of partial reads
1794  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
1795  */
1796 static ssize_t pkey_ccacipher_aes_attr_read(enum pkey_key_size keybits,
1797                                             bool is_xts, char *buf, loff_t off,
1798                                             size_t count)
1799 {
1800         int i, rc, card, dom;
1801         u32 nr_apqns, *apqns = NULL;
1802         size_t keysize = CCACIPHERTOKENSIZE;
1803
1804         if (off != 0 || count < CCACIPHERTOKENSIZE)
1805                 return -EINVAL;
1806         if (is_xts)
1807                 if (count < 2 * CCACIPHERTOKENSIZE)
1808                         return -EINVAL;
1809
1810         /* build a list of apqns able to generate an cipher key */
1811         rc = cca_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
1812                            ZCRYPT_CEX6, 0, 0, 0, 0);
1813         if (rc)
1814                 return rc;
1815
1816         memset(buf, 0, is_xts ? 2 * keysize : keysize);
1817
1818         /* simple try all apqns from the list */
1819         for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
1820                 card = apqns[i] >> 16;
1821                 dom = apqns[i] & 0xFFFF;
1822                 rc = cca_gencipherkey(card, dom, keybits, 0, buf, &keysize);
1823                 if (rc == 0)
1824                         break;
1825         }
1826         if (rc)
1827                 return rc;
1828
1829         if (is_xts) {
1830                 keysize = CCACIPHERTOKENSIZE;
1831                 buf += CCACIPHERTOKENSIZE;
1832                 rc = cca_gencipherkey(card, dom, keybits, 0, buf, &keysize);
1833                 if (rc == 0)
1834                         return 2 * CCACIPHERTOKENSIZE;
1835         }
1836
1837         return CCACIPHERTOKENSIZE;
1838 }
1839
1840 static ssize_t ccacipher_aes_128_read(struct file *filp,
1841                                       struct kobject *kobj,
1842                                       struct bin_attribute *attr,
1843                                       char *buf, loff_t off,
1844                                       size_t count)
1845 {
1846         return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, false, buf,
1847                                             off, count);
1848 }
1849
1850 static ssize_t ccacipher_aes_192_read(struct file *filp,
1851                                       struct kobject *kobj,
1852                                       struct bin_attribute *attr,
1853                                       char *buf, loff_t off,
1854                                       size_t count)
1855 {
1856         return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_192, false, buf,
1857                                             off, count);
1858 }
1859
1860 static ssize_t ccacipher_aes_256_read(struct file *filp,
1861                                       struct kobject *kobj,
1862                                       struct bin_attribute *attr,
1863                                       char *buf, loff_t off,
1864                                       size_t count)
1865 {
1866         return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, false, buf,
1867                                             off, count);
1868 }
1869
1870 static ssize_t ccacipher_aes_128_xts_read(struct file *filp,
1871                                           struct kobject *kobj,
1872                                           struct bin_attribute *attr,
1873                                           char *buf, loff_t off,
1874                                           size_t count)
1875 {
1876         return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, true, buf,
1877                                             off, count);
1878 }
1879
1880 static ssize_t ccacipher_aes_256_xts_read(struct file *filp,
1881                                           struct kobject *kobj,
1882                                           struct bin_attribute *attr,
1883                                           char *buf, loff_t off,
1884                                           size_t count)
1885 {
1886         return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, true, buf,
1887                                             off, count);
1888 }
1889
1890 static BIN_ATTR_RO(ccacipher_aes_128, CCACIPHERTOKENSIZE);
1891 static BIN_ATTR_RO(ccacipher_aes_192, CCACIPHERTOKENSIZE);
1892 static BIN_ATTR_RO(ccacipher_aes_256, CCACIPHERTOKENSIZE);
1893 static BIN_ATTR_RO(ccacipher_aes_128_xts, 2 * CCACIPHERTOKENSIZE);
1894 static BIN_ATTR_RO(ccacipher_aes_256_xts, 2 * CCACIPHERTOKENSIZE);
1895
1896 static struct bin_attribute *ccacipher_attrs[] = {
1897         &bin_attr_ccacipher_aes_128,
1898         &bin_attr_ccacipher_aes_192,
1899         &bin_attr_ccacipher_aes_256,
1900         &bin_attr_ccacipher_aes_128_xts,
1901         &bin_attr_ccacipher_aes_256_xts,
1902         NULL
1903 };
1904
1905 static struct attribute_group ccacipher_attr_group = {
1906         .name      = "ccacipher",
1907         .bin_attrs = ccacipher_attrs,
1908 };
1909
1910 /*
1911  * Sysfs attribute read function for all ep11 aes key binary attributes.
1912  * The implementation can not deal with partial reads, because a new random
1913  * secure key blob is generated with each read. In case of partial reads
1914  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
1915  * This function and the sysfs attributes using it provide EP11 key blobs
1916  * padded to the upper limit of MAXEP11AESKEYBLOBSIZE which is currently
1917  * 320 bytes.
1918  */
1919 static ssize_t pkey_ep11_aes_attr_read(enum pkey_key_size keybits,
1920                                        bool is_xts, char *buf, loff_t off,
1921                                        size_t count)
1922 {
1923         int i, rc, card, dom;
1924         u32 nr_apqns, *apqns = NULL;
1925         size_t keysize = MAXEP11AESKEYBLOBSIZE;
1926
1927         if (off != 0 || count < MAXEP11AESKEYBLOBSIZE)
1928                 return -EINVAL;
1929         if (is_xts)
1930                 if (count < 2 * MAXEP11AESKEYBLOBSIZE)
1931                         return -EINVAL;
1932
1933         /* build a list of apqns able to generate an cipher key */
1934         rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
1935                             ZCRYPT_CEX7, EP11_API_V, NULL);
1936         if (rc)
1937                 return rc;
1938
1939         memset(buf, 0, is_xts ? 2 * keysize : keysize);
1940
1941         /* simple try all apqns from the list */
1942         for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
1943                 card = apqns[i] >> 16;
1944                 dom = apqns[i] & 0xFFFF;
1945                 rc = ep11_genaeskey(card, dom, keybits, 0, buf, &keysize);
1946                 if (rc == 0)
1947                         break;
1948         }
1949         if (rc)
1950                 return rc;
1951
1952         if (is_xts) {
1953                 keysize = MAXEP11AESKEYBLOBSIZE;
1954                 buf += MAXEP11AESKEYBLOBSIZE;
1955                 rc = ep11_genaeskey(card, dom, keybits, 0, buf, &keysize);
1956                 if (rc == 0)
1957                         return 2 * MAXEP11AESKEYBLOBSIZE;
1958         }
1959
1960         return MAXEP11AESKEYBLOBSIZE;
1961 }
1962
1963 static ssize_t ep11_aes_128_read(struct file *filp,
1964                                  struct kobject *kobj,
1965                                  struct bin_attribute *attr,
1966                                  char *buf, loff_t off,
1967                                  size_t count)
1968 {
1969         return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, false, buf,
1970                                        off, count);
1971 }
1972
1973 static ssize_t ep11_aes_192_read(struct file *filp,
1974                                  struct kobject *kobj,
1975                                  struct bin_attribute *attr,
1976                                  char *buf, loff_t off,
1977                                  size_t count)
1978 {
1979         return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_192, false, buf,
1980                                        off, count);
1981 }
1982
1983 static ssize_t ep11_aes_256_read(struct file *filp,
1984                                  struct kobject *kobj,
1985                                  struct bin_attribute *attr,
1986                                  char *buf, loff_t off,
1987                                  size_t count)
1988 {
1989         return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, false, buf,
1990                                        off, count);
1991 }
1992
1993 static ssize_t ep11_aes_128_xts_read(struct file *filp,
1994                                      struct kobject *kobj,
1995                                      struct bin_attribute *attr,
1996                                      char *buf, loff_t off,
1997                                      size_t count)
1998 {
1999         return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, true, buf,
2000                                        off, count);
2001 }
2002
2003 static ssize_t ep11_aes_256_xts_read(struct file *filp,
2004                                      struct kobject *kobj,
2005                                      struct bin_attribute *attr,
2006                                      char *buf, loff_t off,
2007                                      size_t count)
2008 {
2009         return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, true, buf,
2010                                        off, count);
2011 }
2012
2013 static BIN_ATTR_RO(ep11_aes_128, MAXEP11AESKEYBLOBSIZE);
2014 static BIN_ATTR_RO(ep11_aes_192, MAXEP11AESKEYBLOBSIZE);
2015 static BIN_ATTR_RO(ep11_aes_256, MAXEP11AESKEYBLOBSIZE);
2016 static BIN_ATTR_RO(ep11_aes_128_xts, 2 * MAXEP11AESKEYBLOBSIZE);
2017 static BIN_ATTR_RO(ep11_aes_256_xts, 2 * MAXEP11AESKEYBLOBSIZE);
2018
2019 static struct bin_attribute *ep11_attrs[] = {
2020         &bin_attr_ep11_aes_128,
2021         &bin_attr_ep11_aes_192,
2022         &bin_attr_ep11_aes_256,
2023         &bin_attr_ep11_aes_128_xts,
2024         &bin_attr_ep11_aes_256_xts,
2025         NULL
2026 };
2027
2028 static struct attribute_group ep11_attr_group = {
2029         .name      = "ep11",
2030         .bin_attrs = ep11_attrs,
2031 };
2032
2033 static const struct attribute_group *pkey_attr_groups[] = {
2034         &protkey_attr_group,
2035         &ccadata_attr_group,
2036         &ccacipher_attr_group,
2037         &ep11_attr_group,
2038         NULL,
2039 };
2040
2041 static const struct file_operations pkey_fops = {
2042         .owner          = THIS_MODULE,
2043         .open           = nonseekable_open,
2044         .llseek         = no_llseek,
2045         .unlocked_ioctl = pkey_unlocked_ioctl,
2046 };
2047
2048 static struct miscdevice pkey_dev = {
2049         .name   = "pkey",
2050         .minor  = MISC_DYNAMIC_MINOR,
2051         .mode   = 0666,
2052         .fops   = &pkey_fops,
2053         .groups = pkey_attr_groups,
2054 };
2055
2056 /*
2057  * Module init
2058  */
2059 static int __init pkey_init(void)
2060 {
2061         cpacf_mask_t kmc_functions;
2062
2063         /*
2064          * The pckmo instruction should be available - even if we don't
2065          * actually invoke it. This instruction comes with MSA 3 which
2066          * is also the minimum level for the kmc instructions which
2067          * are able to work with protected keys.
2068          */
2069         if (!cpacf_query(CPACF_PCKMO, &pckmo_functions))
2070                 return -ENODEV;
2071
2072         /* check for kmc instructions available */
2073         if (!cpacf_query(CPACF_KMC, &kmc_functions))
2074                 return -ENODEV;
2075         if (!cpacf_test_func(&kmc_functions, CPACF_KMC_PAES_128) ||
2076             !cpacf_test_func(&kmc_functions, CPACF_KMC_PAES_192) ||
2077             !cpacf_test_func(&kmc_functions, CPACF_KMC_PAES_256))
2078                 return -ENODEV;
2079
2080         pkey_debug_init();
2081
2082         return misc_register(&pkey_dev);
2083 }
2084
2085 /*
2086  * Module exit
2087  */
2088 static void __exit pkey_exit(void)
2089 {
2090         misc_deregister(&pkey_dev);
2091         pkey_debug_exit();
2092 }
2093
2094 module_cpu_feature_match(MSA, pkey_init);
2095 module_exit(pkey_exit);