drivers/s390/crypto/pkey_api.c

   1 // SPDX-License-Identifier: GPL-2.0
   2 /*
   3  *  pkey device driver
   4  *
   5  *  Copyright IBM Corp. 2017,2019
   6  *  Author(s): Harald Freudenberger
   7  */
   8
   9 #define KMSG_COMPONENT "pkey"
  10 #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
  11
  12 #include <linux/fs.h>
  13 #include <linux/init.h>
  14 #include <linux/miscdevice.h>
  15 #include <linux/module.h>
  16 #include <linux/slab.h>
  17 #include <linux/kallsyms.h>
  18 #include <linux/debugfs.h>
  19 #include <linux/random.h>
  20 #include <linux/cpufeature.h>
  21 #include <asm/zcrypt.h>
  22 #include <asm/cpacf.h>
  23 #include <asm/pkey.h>
  24 #include <crypto/aes.h>
  25
  26 #include "zcrypt_api.h"
  27 #include "zcrypt_ccamisc.h"
  28 #include "zcrypt_ep11misc.h"
  29
  30 MODULE_LICENSE("GPL");
  31 MODULE_AUTHOR("IBM Corporation");
  32 MODULE_DESCRIPTION("s390 protected key interface");
  33
  34 #define KEYBLOBBUFSIZE 8192     /* key buffer size used for internal processing */
  35 #define PROTKEYBLOBBUFSIZE 256  /* protected key buffer size used internal */
  36 #define MAXAPQNSINLIST 64       /* max 64 apqns within a apqn list */
  37
  38 /*
  39  * debug feature data and functions
  40  */
  41
  42 static debug_info_t *debug_info;
  43
  44 #define DEBUG_DBG(...)  debug_sprintf_event(debug_info, 6, ##__VA_ARGS__)
  45 #define DEBUG_INFO(...) debug_sprintf_event(debug_info, 5, ##__VA_ARGS__)
  46 #define DEBUG_WARN(...) debug_sprintf_event(debug_info, 4, ##__VA_ARGS__)
  47 #define DEBUG_ERR(...)  debug_sprintf_event(debug_info, 3, ##__VA_ARGS__)
  48
  49 static void __init pkey_debug_init(void)
  50 {
  51         /* 5 arguments per dbf entry (including the format string ptr) */
  52         debug_info = debug_register("pkey", 1, 1, 5 * sizeof(long));
  53         debug_register_view(debug_info, &debug_sprintf_view);
  54         debug_set_level(debug_info, 3);
  55 }
  56
  57 static void __exit pkey_debug_exit(void)
  58 {
  59         debug_unregister(debug_info);
  60 }
  61
  62 /* inside view of a protected key token (only type 0x00 version 0x01) */
  63 struct protaeskeytoken {
  64         u8  type;     /* 0x00 for PAES specific key tokens */
  65         u8  res0[3];
  66         u8  version;  /* should be 0x01 for protected AES key token */
  67         u8  res1[3];
  68         u32 keytype;  /* key type, one of the PKEY_KEYTYPE values */
  69         u32 len;      /* bytes actually stored in protkey[] */
  70         u8  protkey[MAXPROTKEYSIZE]; /* the protected key blob */
  71 } __packed;
  72
  73 /* inside view of a clear key token (type 0x00 version 0x02) */
  74 struct clearaeskeytoken {
  75         u8  type;        /* 0x00 for PAES specific key tokens */
  76         u8  res0[3];
  77         u8  version;     /* 0x02 for clear AES key token */
  78         u8  res1[3];
  79         u32 keytype;     /* key type, one of the PKEY_KEYTYPE values */
  80         u32 len;         /* bytes actually stored in clearkey[] */
  81         u8  clearkey[]; /* clear key value */
  82 } __packed;
  83
  84 /*
  85  * Create a protected key from a clear key value.
  86  */
  87 static int pkey_clr2protkey(u32 keytype,
  88                             const struct pkey_clrkey *clrkey,
  89                             struct pkey_protkey *protkey)
  90 {
  91         /* mask of available pckmo subfunctions */
  92         static cpacf_mask_t pckmo_functions;
  93
  94         long fc;
  95         int keysize;
  96         u8 paramblock[64];
  97
  98         switch (keytype) {
  99         case PKEY_KEYTYPE_AES_128:
 100                 keysize = 16;
 101                 fc = CPACF_PCKMO_ENC_AES_128_KEY;
 102                 break;
 103         case PKEY_KEYTYPE_AES_192:
 104                 keysize = 24;
 105                 fc = CPACF_PCKMO_ENC_AES_192_KEY;
 106                 break;
 107         case PKEY_KEYTYPE_AES_256:
 108                 keysize = 32;
 109                 fc = CPACF_PCKMO_ENC_AES_256_KEY;
 110                 break;
 111         default:
 112                 DEBUG_ERR("%s unknown/unsupported keytype %d\n",
 113                           __func__, keytype);
 114                 return -EINVAL;
 115         }
 116
 117         /* Did we already check for PCKMO ? */
 118         if (!pckmo_functions.bytes[0]) {
 119                 /* no, so check now */
 120                 if (!cpacf_query(CPACF_PCKMO, &pckmo_functions))
 121                         return -ENODEV;
 122         }
 123         /* check for the pckmo subfunction we need now */
 124         if (!cpacf_test_func(&pckmo_functions, fc)) {
 125                 DEBUG_ERR("%s pckmo functions not available\n", __func__);
 126                 return -ENODEV;
 127         }
 128
 129         /* prepare param block */
 130         memset(paramblock, 0, sizeof(paramblock));
 131         memcpy(paramblock, clrkey->clrkey, keysize);
 132
 133         /* call the pckmo instruction */
 134         cpacf_pckmo(fc, paramblock);
 135
 136         /* copy created protected key */
 137         protkey->type = keytype;
 138         protkey->len = keysize + 32;
 139         memcpy(protkey->protkey, paramblock, keysize + 32);
 140
 141         return 0;
 142 }
 143
 144 /*
 145  * Find card and transform secure key into protected key.
 146  */
 147 static int pkey_skey2pkey(const u8 *key, struct pkey_protkey *pkey)
 148 {
 149         int rc, verify;
 150         u16 cardnr, domain;
 151         struct keytoken_header *hdr = (struct keytoken_header *)key;
 152
 153         zcrypt_wait_api_operational();
 154
 155         /*
 156          * The cca_xxx2protkey call may fail when a card has been
 157          * addressed where the master key was changed after last fetch
 158          * of the mkvp into the cache. Try 3 times: First witout verify
 159          * then with verify and last round with verify and old master
 160          * key verification pattern match not ignored.
 161          */
 162         for (verify = 0; verify < 3; verify++) {
 163                 rc = cca_findcard(key, &cardnr, &domain, verify);
 164                 if (rc < 0)
 165                         continue;
 166                 if (rc > 0 && verify < 2)
 167                         continue;
 168                 switch (hdr->version) {
 169                 case TOKVER_CCA_AES:
 170                         rc = cca_sec2protkey(cardnr, domain,
 171                                              key, pkey->protkey,
 172                                              &pkey->len, &pkey->type);
 173                         break;
 174                 case TOKVER_CCA_VLSC:
 175                         rc = cca_cipher2protkey(cardnr, domain,
 176                                                 key, pkey->protkey,
 177                                                 &pkey->len, &pkey->type);
 178                         break;
 179                 default:
 180                         return -EINVAL;
 181                 }
 182                 if (rc == 0)
 183                         break;
 184         }
 185
 186         if (rc)
 187                 DEBUG_DBG("%s failed rc=%d\n", __func__, rc);
 188
 189         return rc;
 190 }
 191
 192 /*
 193  * Construct EP11 key with given clear key value.
 194  */
 195 static int pkey_clr2ep11key(const u8 *clrkey, size_t clrkeylen,
 196                             u8 *keybuf, size_t *keybuflen)
 197 {
 198         int i, rc;
 199         u16 card, dom;
 200         u32 nr_apqns, *apqns = NULL;
 201
 202         zcrypt_wait_api_operational();
 203
 204         /* build a list of apqns suitable for ep11 keys with cpacf support */
 205         rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
 206                             ZCRYPT_CEX7, EP11_API_V, NULL);
 207         if (rc)
 208                 goto out;
 209
 210         /* go through the list of apqns and try to bild an ep11 key */
 211         for (rc = -ENODEV, i = 0; i < nr_apqns; i++) {
 212                 card = apqns[i] >> 16;
 213                 dom = apqns[i] & 0xFFFF;
 214                 rc = ep11_clr2keyblob(card, dom, clrkeylen * 8,
 215                                       0, clrkey, keybuf, keybuflen);
 216                 if (rc == 0)
 217                         break;
 218         }
 219
 220 out:
 221         kfree(apqns);
 222         if (rc)
 223                 DEBUG_DBG("%s failed rc=%d\n", __func__, rc);
 224         return rc;
 225 }
 226
 227 /*
 228  * Find card and transform EP11 secure key into protected key.
 229  */
 230 static int pkey_ep11key2pkey(const u8 *key, struct pkey_protkey *pkey)
 231 {
 232         int i, rc;
 233         u16 card, dom;
 234         u32 nr_apqns, *apqns = NULL;
 235         struct ep11keyblob *kb = (struct ep11keyblob *) key;
 236
 237         zcrypt_wait_api_operational();
 238
 239         /* build a list of apqns suitable for this key */
 240         rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
 241                             ZCRYPT_CEX7, EP11_API_V, kb->wkvp);
 242         if (rc)
 243                 goto out;
 244
 245         /* go through the list of apqns and try to derive an pkey */
 246         for (rc = -ENODEV, i = 0; i < nr_apqns; i++) {
 247                 card = apqns[i] >> 16;
 248                 dom = apqns[i] & 0xFFFF;
 249                 pkey->len = sizeof(pkey->protkey);
 250                 rc = ep11_kblob2protkey(card, dom, key, kb->head.len,
 251                                         pkey->protkey, &pkey->len, &pkey->type);
 252                 if (rc == 0)
 253                         break;
 254         }
 255
 256 out:
 257         kfree(apqns);
 258         if (rc)
 259                 DEBUG_DBG("%s failed rc=%d\n", __func__, rc);
 260         return rc;
 261 }
 262
 263 /*
 264  * Verify key and give back some info about the key.
 265  */
 266 static int pkey_verifykey(const struct pkey_seckey *seckey,
 267                           u16 *pcardnr, u16 *pdomain,
 268                           u16 *pkeysize, u32 *pattributes)
 269 {
 270         struct secaeskeytoken *t = (struct secaeskeytoken *) seckey;
 271         u16 cardnr, domain;
 272         int rc;
 273
 274         /* check the secure key for valid AES secure key */
 275         rc = cca_check_secaeskeytoken(debug_info, 3, (u8 *) seckey, 0);
 276         if (rc)
 277                 goto out;
 278         if (pattributes)
 279                 *pattributes = PKEY_VERIFY_ATTR_AES;
 280         if (pkeysize)
 281                 *pkeysize = t->bitsize;
 282
 283         /* try to find a card which can handle this key */
 284         rc = cca_findcard(seckey->seckey, &cardnr, &domain, 1);
 285         if (rc < 0)
 286                 goto out;
 287
 288         if (rc > 0) {
 289                 /* key mkvp matches to old master key mkvp */
 290                 DEBUG_DBG("%s secure key has old mkvp\n", __func__);
 291                 if (pattributes)
 292                         *pattributes |= PKEY_VERIFY_ATTR_OLD_MKVP;
 293                 rc = 0;
 294         }
 295
 296         if (pcardnr)
 297                 *pcardnr = cardnr;
 298         if (pdomain)
 299                 *pdomain = domain;
 300
 301 out:
 302         DEBUG_DBG("%s rc=%d\n", __func__, rc);
 303         return rc;
 304 }
 305
 306 /*
 307  * Generate a random protected key
 308  */
 309 static int pkey_genprotkey(u32 keytype, struct pkey_protkey *protkey)
 310 {
 311         struct pkey_clrkey clrkey;
 312         int keysize;
 313         int rc;
 314
 315         switch (keytype) {
 316         case PKEY_KEYTYPE_AES_128:
 317                 keysize = 16;
 318                 break;
 319         case PKEY_KEYTYPE_AES_192:
 320                 keysize = 24;
 321                 break;
 322         case PKEY_KEYTYPE_AES_256:
 323                 keysize = 32;
 324                 break;
 325         default:
 326                 DEBUG_ERR("%s unknown/unsupported keytype %d\n", __func__,
 327                           keytype);
 328                 return -EINVAL;
 329         }
 330
 331         /* generate a dummy random clear key */
 332         get_random_bytes(clrkey.clrkey, keysize);
 333
 334         /* convert it to a dummy protected key */
 335         rc = pkey_clr2protkey(keytype, &clrkey, protkey);
 336         if (rc)
 337                 return rc;
 338
 339         /* replace the key part of the protected key with random bytes */
 340         get_random_bytes(protkey->protkey, keysize);
 341
 342         return 0;
 343 }
 344
 345 /*
 346  * Verify if a protected key is still valid
 347  */
 348 static int pkey_verifyprotkey(const struct pkey_protkey *protkey)
 349 {
 350         unsigned long fc;
 351         struct {
 352                 u8 iv[AES_BLOCK_SIZE];
 353                 u8 key[MAXPROTKEYSIZE];
 354         } param;
 355         u8 null_msg[AES_BLOCK_SIZE];
 356         u8 dest_buf[AES_BLOCK_SIZE];
 357         unsigned int k;
 358
 359         switch (protkey->type) {
 360         case PKEY_KEYTYPE_AES_128:
 361                 fc = CPACF_KMC_PAES_128;
 362                 break;
 363         case PKEY_KEYTYPE_AES_192:
 364                 fc = CPACF_KMC_PAES_192;
 365                 break;
 366         case PKEY_KEYTYPE_AES_256:
 367                 fc = CPACF_KMC_PAES_256;
 368                 break;
 369         default:
 370                 DEBUG_ERR("%s unknown/unsupported keytype %d\n", __func__,
 371                           protkey->type);
 372                 return -EINVAL;
 373         }
 374
 375         memset(null_msg, 0, sizeof(null_msg));
 376
 377         memset(param.iv, 0, sizeof(param.iv));
 378         memcpy(param.key, protkey->protkey, sizeof(param.key));
 379
 380         k = cpacf_kmc(fc | CPACF_ENCRYPT, &param, null_msg, dest_buf,
 381                       sizeof(null_msg));
 382         if (k != sizeof(null_msg)) {
 383                 DEBUG_ERR("%s protected key is not valid\n", __func__);
 384                 return -EKEYREJECTED;
 385         }
 386
 387         return 0;
 388 }
 389
 390 /*
 391  * Transform a non-CCA key token into a protected key
 392  */
 393 static int pkey_nonccatok2pkey(const u8 *key, u32 keylen,
 394                                struct pkey_protkey *protkey)
 395 {
 396         int rc = -EINVAL;
 397         u8 *tmpbuf = NULL;
 398         struct keytoken_header *hdr = (struct keytoken_header *)key;
 399
 400         switch (hdr->version) {
 401         case TOKVER_PROTECTED_KEY: {
 402                 struct protaeskeytoken *t;
 403
 404                 if (keylen != sizeof(struct protaeskeytoken))
 405                         goto out;
 406                 t = (struct protaeskeytoken *)key;
 407                 protkey->len = t->len;
 408                 protkey->type = t->keytype;
 409                 memcpy(protkey->protkey, t->protkey,
 410                        sizeof(protkey->protkey));
 411                 rc = pkey_verifyprotkey(protkey);
 412                 break;
 413         }
 414         case TOKVER_CLEAR_KEY: {
 415                 struct clearaeskeytoken *t;
 416                 struct pkey_clrkey ckey;
 417                 union u_tmpbuf {
 418                         u8 skey[SECKEYBLOBSIZE];
 419                         u8 ep11key[MAXEP11AESKEYBLOBSIZE];
 420                 };
 421                 size_t tmpbuflen = sizeof(union u_tmpbuf);
 422
 423                 if (keylen < sizeof(struct clearaeskeytoken))
 424                         goto out;
 425                 t = (struct clearaeskeytoken *)key;
 426                 if (keylen != sizeof(*t) + t->len)
 427                         goto out;
 428                 if ((t->keytype == PKEY_KEYTYPE_AES_128 && t->len == 16)
 429                     || (t->keytype == PKEY_KEYTYPE_AES_192 && t->len == 24)
 430                     || (t->keytype == PKEY_KEYTYPE_AES_256 && t->len == 32))
 431                         memcpy(ckey.clrkey, t->clearkey, t->len);
 432                 else
 433                         goto out;
 434                 /* alloc temp key buffer space */
 435                 tmpbuf = kmalloc(tmpbuflen, GFP_ATOMIC);
 436                 if (!tmpbuf) {
 437                         rc = -ENOMEM;
 438                         goto out;
 439                 }
 440                 /* try direct way with the PCKMO instruction */
 441                 rc = pkey_clr2protkey(t->keytype, &ckey, protkey);
 442                 if (rc == 0)
 443                         break;
 444                 /* PCKMO failed, so try the CCA secure key way */
 445                 zcrypt_wait_api_operational();
 446                 rc = cca_clr2seckey(0xFFFF, 0xFFFF, t->keytype,
 447                                     ckey.clrkey, tmpbuf);
 448                 if (rc == 0)
 449                         rc = pkey_skey2pkey(tmpbuf, protkey);
 450                 if (rc == 0)
 451                         break;
 452                 /* if the CCA way also failed, let's try via EP11 */
 453                 rc = pkey_clr2ep11key(ckey.clrkey, t->len,
 454                                       tmpbuf, &tmpbuflen);
 455                 if (rc == 0)
 456                         rc = pkey_ep11key2pkey(tmpbuf, protkey);
 457                 /* now we should really have an protected key */
 458                 DEBUG_ERR("%s unable to build protected key from clear",
 459                           __func__);
 460                 break;
 461         }
 462         case TOKVER_EP11_AES: {
 463                 /* check ep11 key for exportable as protected key */
 464                 rc = ep11_check_aes_key(debug_info, 3, key, keylen, 1);
 465                 if (rc)
 466                         goto out;
 467                 rc = pkey_ep11key2pkey(key, protkey);
 468                 break;
 469         }
 470         case TOKVER_EP11_AES_WITH_HEADER:
 471                 /* check ep11 key with header for exportable as protected key */
 472                 rc = ep11_check_aes_key_with_hdr(debug_info, 3, key, keylen, 1);
 473                 if (rc)
 474                         goto out;
 475                 rc = pkey_ep11key2pkey(key + sizeof(struct ep11kblob_header),
 476                                        protkey);
 477                 break;
 478         default:
 479                 DEBUG_ERR("%s unknown/unsupported non-CCA token version %d\n",
 480                           __func__, hdr->version);
 481                 rc = -EINVAL;
 482         }
 483
 484 out:
 485         kfree(tmpbuf);
 486         return rc;
 487 }
 488
 489 /*
 490  * Transform a CCA internal key token into a protected key
 491  */
 492 static int pkey_ccainttok2pkey(const u8 *key, u32 keylen,
 493                                struct pkey_protkey *protkey)
 494 {
 495         struct keytoken_header *hdr = (struct keytoken_header *)key;
 496
 497         switch (hdr->version) {
 498         case TOKVER_CCA_AES:
 499                 if (keylen != sizeof(struct secaeskeytoken))
 500                         return -EINVAL;
 501                 break;
 502         case TOKVER_CCA_VLSC:
 503                 if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE)
 504                         return -EINVAL;
 505                 break;
 506         default:
 507                 DEBUG_ERR("%s unknown/unsupported CCA internal token version %d\n",
 508                           __func__, hdr->version);
 509                 return -EINVAL;
 510         }
 511
 512         return pkey_skey2pkey(key, protkey);
 513 }
 514
 515 /*
 516  * Transform a key blob (of any type) into a protected key
 517  */
 518 int pkey_keyblob2pkey(const u8 *key, u32 keylen,
 519                       struct pkey_protkey *protkey)
 520 {
 521         int rc;
 522         struct keytoken_header *hdr = (struct keytoken_header *)key;
 523
 524         if (keylen < sizeof(struct keytoken_header)) {
 525                 DEBUG_ERR("%s invalid keylen %d\n", __func__, keylen);
 526                 return -EINVAL;
 527         }
 528
 529         switch (hdr->type) {
 530         case TOKTYPE_NON_CCA:
 531                 rc = pkey_nonccatok2pkey(key, keylen, protkey);
 532                 break;
 533         case TOKTYPE_CCA_INTERNAL:
 534                 rc = pkey_ccainttok2pkey(key, keylen, protkey);
 535                 break;
 536         default:
 537                 DEBUG_ERR("%s unknown/unsupported blob type %d\n",
 538                           __func__, hdr->type);
 539                 return -EINVAL;
 540         }
 541
 542         DEBUG_DBG("%s rc=%d\n", __func__, rc);
 543         return rc;
 544
 545 }
 546 EXPORT_SYMBOL(pkey_keyblob2pkey);
 547
 548 static int pkey_genseckey2(const struct pkey_apqn *apqns, size_t nr_apqns,
 549                            enum pkey_key_type ktype, enum pkey_key_size ksize,
 550                            u32 kflags, u8 *keybuf, size_t *keybufsize)
 551 {
 552         int i, card, dom, rc;
 553
 554         /* check for at least one apqn given */
 555         if (!apqns || !nr_apqns)
 556                 return -EINVAL;
 557
 558         /* check key type and size */
 559         switch (ktype) {
 560         case PKEY_TYPE_CCA_DATA:
 561         case PKEY_TYPE_CCA_CIPHER:
 562                 if (*keybufsize < SECKEYBLOBSIZE)
 563                         return -EINVAL;
 564                 break;
 565         case PKEY_TYPE_EP11:
 566                 if (*keybufsize < MINEP11AESKEYBLOBSIZE)
 567                         return -EINVAL;
 568                 break;
 569         default:
 570                 return -EINVAL;
 571         }
 572         switch (ksize) {
 573         case PKEY_SIZE_AES_128:
 574         case PKEY_SIZE_AES_192:
 575         case PKEY_SIZE_AES_256:
 576                 break;
 577         default:
 578                 return -EINVAL;
 579         }
 580
 581         /* simple try all apqns from the list */
 582         for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
 583                 card = apqns[i].card;
 584                 dom = apqns[i].domain;
 585                 if (ktype == PKEY_TYPE_EP11) {
 586                         rc = ep11_genaeskey(card, dom, ksize, kflags,
 587                                             keybuf, keybufsize);
 588                 } else if (ktype == PKEY_TYPE_CCA_DATA) {
 589                         rc = cca_genseckey(card, dom, ksize, keybuf);
 590                         *keybufsize = (rc ? 0 : SECKEYBLOBSIZE);
 591                 } else /* TOKVER_CCA_VLSC */
 592                         rc = cca_gencipherkey(card, dom, ksize, kflags,
 593                                               keybuf, keybufsize);
 594                 if (rc == 0)
 595                         break;
 596         }
 597
 598         return rc;
 599 }
 600
 601 static int pkey_clr2seckey2(const struct pkey_apqn *apqns, size_t nr_apqns,
 602                             enum pkey_key_type ktype, enum pkey_key_size ksize,
 603                             u32 kflags, const u8 *clrkey,
 604                             u8 *keybuf, size_t *keybufsize)
 605 {
 606         int i, card, dom, rc;
 607
 608         /* check for at least one apqn given */
 609         if (!apqns || !nr_apqns)
 610                 return -EINVAL;
 611
 612         /* check key type and size */
 613         switch (ktype) {
 614         case PKEY_TYPE_CCA_DATA:
 615         case PKEY_TYPE_CCA_CIPHER:
 616                 if (*keybufsize < SECKEYBLOBSIZE)
 617                         return -EINVAL;
 618                 break;
 619         case PKEY_TYPE_EP11:
 620                 if (*keybufsize < MINEP11AESKEYBLOBSIZE)
 621                         return -EINVAL;
 622                 break;
 623         default:
 624                 return -EINVAL;
 625         }
 626         switch (ksize) {
 627         case PKEY_SIZE_AES_128:
 628         case PKEY_SIZE_AES_192:
 629         case PKEY_SIZE_AES_256:
 630                 break;
 631         default:
 632                 return -EINVAL;
 633         }
 634
 635         zcrypt_wait_api_operational();
 636
 637         /* simple try all apqns from the list */
 638         for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
 639                 card = apqns[i].card;
 640                 dom = apqns[i].domain;
 641                 if (ktype == PKEY_TYPE_EP11) {
 642                         rc = ep11_clr2keyblob(card, dom, ksize, kflags,
 643                                               clrkey, keybuf, keybufsize);
 644                 } else if (ktype == PKEY_TYPE_CCA_DATA) {
 645                         rc = cca_clr2seckey(card, dom, ksize,
 646                                             clrkey, keybuf);
 647                         *keybufsize = (rc ? 0 : SECKEYBLOBSIZE);
 648                 } else /* TOKVER_CCA_VLSC */
 649                         rc = cca_clr2cipherkey(card, dom, ksize, kflags,
 650                                                clrkey, keybuf, keybufsize);
 651                 if (rc == 0)
 652                         break;
 653         }
 654
 655         return rc;
 656 }
 657
 658 static int pkey_verifykey2(const u8 *key, size_t keylen,
 659                            u16 *cardnr, u16 *domain,
 660                            enum pkey_key_type *ktype,
 661                            enum pkey_key_size *ksize, u32 *flags)
 662 {
 663         int rc;
 664         u32 _nr_apqns, *_apqns = NULL;
 665         struct keytoken_header *hdr = (struct keytoken_header *)key;
 666
 667         if (keylen < sizeof(struct keytoken_header))
 668                 return -EINVAL;
 669
 670         if (hdr->type == TOKTYPE_CCA_INTERNAL
 671             && hdr->version == TOKVER_CCA_AES) {
 672                 struct secaeskeytoken *t = (struct secaeskeytoken *)key;
 673
 674                 rc = cca_check_secaeskeytoken(debug_info, 3, key, 0);
 675                 if (rc)
 676                         goto out;
 677                 if (ktype)
 678                         *ktype = PKEY_TYPE_CCA_DATA;
 679                 if (ksize)
 680                         *ksize = (enum pkey_key_size) t->bitsize;
 681
 682                 rc = cca_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain,
 683                                    ZCRYPT_CEX3C, AES_MK_SET, t->mkvp, 0, 1);
 684                 if (rc == 0 && flags)
 685                         *flags = PKEY_FLAGS_MATCH_CUR_MKVP;
 686                 if (rc == -ENODEV) {
 687                         rc = cca_findcard2(&_apqns, &_nr_apqns,
 688                                            *cardnr, *domain,
 689                                            ZCRYPT_CEX3C, AES_MK_SET,
 690                                            0, t->mkvp, 1);
 691                         if (rc == 0 && flags)
 692                                 *flags = PKEY_FLAGS_MATCH_ALT_MKVP;
 693                 }
 694                 if (rc)
 695                         goto out;
 696
 697                 *cardnr = ((struct pkey_apqn *)_apqns)->card;
 698                 *domain = ((struct pkey_apqn *)_apqns)->domain;
 699
 700         } else if (hdr->type == TOKTYPE_CCA_INTERNAL
 701                    && hdr->version == TOKVER_CCA_VLSC) {
 702                 struct cipherkeytoken *t = (struct cipherkeytoken *)key;
 703
 704                 rc = cca_check_secaescipherkey(debug_info, 3, key, 0, 1);
 705                 if (rc)
 706                         goto out;
 707                 if (ktype)
 708                         *ktype = PKEY_TYPE_CCA_CIPHER;
 709                 if (ksize) {
 710                         *ksize = PKEY_SIZE_UNKNOWN;
 711                         if (!t->plfver && t->wpllen == 512)
 712                                 *ksize = PKEY_SIZE_AES_128;
 713                         else if (!t->plfver && t->wpllen == 576)
 714                                 *ksize = PKEY_SIZE_AES_192;
 715                         else if (!t->plfver && t->wpllen == 640)
 716                                 *ksize = PKEY_SIZE_AES_256;
 717                 }
 718
 719                 rc = cca_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain,
 720                                    ZCRYPT_CEX6, AES_MK_SET, t->mkvp0, 0, 1);
 721                 if (rc == 0 && flags)
 722                         *flags = PKEY_FLAGS_MATCH_CUR_MKVP;
 723                 if (rc == -ENODEV) {
 724                         rc = cca_findcard2(&_apqns, &_nr_apqns,
 725                                            *cardnr, *domain,
 726                                            ZCRYPT_CEX6, AES_MK_SET,
 727                                            0, t->mkvp0, 1);
 728                         if (rc == 0 && flags)
 729                                 *flags = PKEY_FLAGS_MATCH_ALT_MKVP;
 730                 }
 731                 if (rc)
 732                         goto out;
 733
 734                 *cardnr = ((struct pkey_apqn *)_apqns)->card;
 735                 *domain = ((struct pkey_apqn *)_apqns)->domain;
 736
 737         } else if (hdr->type == TOKTYPE_NON_CCA
 738                    && hdr->version == TOKVER_EP11_AES) {
 739                 struct ep11keyblob *kb = (struct ep11keyblob *)key;
 740
 741                 rc = ep11_check_aes_key(debug_info, 3, key, keylen, 1);
 742                 if (rc)
 743                         goto out;
 744                 if (ktype)
 745                         *ktype = PKEY_TYPE_EP11;
 746                 if (ksize)
 747                         *ksize = kb->head.keybitlen;
 748
 749                 rc = ep11_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain,
 750                                     ZCRYPT_CEX7, EP11_API_V, kb->wkvp);
 751                 if (rc)
 752                         goto out;
 753
 754                 if (flags)
 755                         *flags = PKEY_FLAGS_MATCH_CUR_MKVP;
 756
 757                 *cardnr = ((struct pkey_apqn *)_apqns)->card;
 758                 *domain = ((struct pkey_apqn *)_apqns)->domain;
 759
 760         } else
 761                 rc = -EINVAL;
 762
 763 out:
 764         kfree(_apqns);
 765         return rc;
 766 }
 767
 768 static int pkey_keyblob2pkey2(const struct pkey_apqn *apqns, size_t nr_apqns,
 769                               const u8 *key, size_t keylen,
 770                               struct pkey_protkey *pkey)
 771 {
 772         int i, card, dom, rc;
 773         struct keytoken_header *hdr = (struct keytoken_header *)key;
 774
 775         /* check for at least one apqn given */
 776         if (!apqns || !nr_apqns)
 777                 return -EINVAL;
 778
 779         if (keylen < sizeof(struct keytoken_header))
 780                 return -EINVAL;
 781
 782         if (hdr->type == TOKTYPE_CCA_INTERNAL) {
 783                 if (hdr->version == TOKVER_CCA_AES) {
 784                         if (keylen != sizeof(struct secaeskeytoken))
 785                                 return -EINVAL;
 786                         if (cca_check_secaeskeytoken(debug_info, 3, key, 0))
 787                                 return -EINVAL;
 788                 } else if (hdr->version == TOKVER_CCA_VLSC) {
 789                         if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE)
 790                                 return -EINVAL;
 791                         if (cca_check_secaescipherkey(debug_info, 3, key, 0, 1))
 792                                 return -EINVAL;
 793                 } else {
 794                         DEBUG_ERR("%s unknown CCA internal token version %d\n",
 795                                   __func__, hdr->version);
 796                         return -EINVAL;
 797                 }
 798         } else if (hdr->type == TOKTYPE_NON_CCA) {
 799                 if (hdr->version == TOKVER_EP11_AES) {
 800                         if (keylen < sizeof(struct ep11keyblob))
 801                                 return -EINVAL;
 802                         if (ep11_check_aes_key(debug_info, 3, key, keylen, 1))
 803                                 return -EINVAL;
 804                 } else {
 805                         return pkey_nonccatok2pkey(key, keylen, pkey);
 806                 }
 807         } else {
 808                 DEBUG_ERR("%s unknown/unsupported blob type %d\n",
 809                           __func__, hdr->type);
 810                 return -EINVAL;
 811         }
 812
 813         zcrypt_wait_api_operational();
 814
 815         /* simple try all apqns from the list */
 816         for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
 817                 card = apqns[i].card;
 818                 dom = apqns[i].domain;
 819                 if (hdr->type == TOKTYPE_CCA_INTERNAL
 820                     && hdr->version == TOKVER_CCA_AES)
 821                         rc = cca_sec2protkey(card, dom, key, pkey->protkey,
 822                                              &pkey->len, &pkey->type);
 823                 else if (hdr->type == TOKTYPE_CCA_INTERNAL
 824                          && hdr->version == TOKVER_CCA_VLSC)
 825                         rc = cca_cipher2protkey(card, dom, key, pkey->protkey,
 826                                                 &pkey->len, &pkey->type);
 827                 else { /* EP11 AES secure key blob */
 828                         struct ep11keyblob *kb = (struct ep11keyblob *) key;
 829
 830                         pkey->len = sizeof(pkey->protkey);
 831                         rc = ep11_kblob2protkey(card, dom, key, kb->head.len,
 832                                                 pkey->protkey, &pkey->len,
 833                                                 &pkey->type);
 834                 }
 835                 if (rc == 0)
 836                         break;
 837         }
 838
 839         return rc;
 840 }
 841
 842 static int pkey_apqns4key(const u8 *key, size_t keylen, u32 flags,
 843                           struct pkey_apqn *apqns, size_t *nr_apqns)
 844 {
 845         int rc;
 846         u32 _nr_apqns, *_apqns = NULL;
 847         struct keytoken_header *hdr = (struct keytoken_header *)key;
 848
 849         if (keylen < sizeof(struct keytoken_header) || flags == 0)
 850                 return -EINVAL;
 851
 852         zcrypt_wait_api_operational();
 853
 854         if (hdr->type == TOKTYPE_NON_CCA
 855             && (hdr->version == TOKVER_EP11_AES_WITH_HEADER
 856                 || hdr->version == TOKVER_EP11_ECC_WITH_HEADER)
 857             && is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) {
 858                 int minhwtype = 0, api = 0;
 859                 struct ep11keyblob *kb = (struct ep11keyblob *)
 860                         (key + sizeof(struct ep11kblob_header));
 861
 862                 if (flags != PKEY_FLAGS_MATCH_CUR_MKVP)
 863                         return -EINVAL;
 864                 if (kb->attr & EP11_BLOB_PKEY_EXTRACTABLE) {
 865                         minhwtype = ZCRYPT_CEX7;
 866                         api = EP11_API_V;
 867                 }
 868                 rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 869                                     minhwtype, api, kb->wkvp);
 870                 if (rc)
 871                         goto out;
 872         } else if (hdr->type == TOKTYPE_NON_CCA
 873                    && hdr->version == TOKVER_EP11_AES
 874                    && is_ep11_keyblob(key)) {
 875                 int minhwtype = 0, api = 0;
 876                 struct ep11keyblob *kb = (struct ep11keyblob *) key;
 877
 878                 if (flags != PKEY_FLAGS_MATCH_CUR_MKVP)
 879                         return -EINVAL;
 880                 if (kb->attr & EP11_BLOB_PKEY_EXTRACTABLE) {
 881                         minhwtype = ZCRYPT_CEX7;
 882                         api = EP11_API_V;
 883                 }
 884                 rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 885                                     minhwtype, api, kb->wkvp);
 886                 if (rc)
 887                         goto out;
 888         } else if (hdr->type == TOKTYPE_CCA_INTERNAL) {
 889                 int minhwtype = ZCRYPT_CEX3C;
 890                 u64 cur_mkvp = 0, old_mkvp = 0;
 891
 892                 if (hdr->version == TOKVER_CCA_AES) {
 893                         struct secaeskeytoken *t = (struct secaeskeytoken *)key;
 894
 895                         if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
 896                                 cur_mkvp = t->mkvp;
 897                         if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
 898                                 old_mkvp = t->mkvp;
 899                 } else if (hdr->version == TOKVER_CCA_VLSC) {
 900                         struct cipherkeytoken *t = (struct cipherkeytoken *)key;
 901
 902                         minhwtype = ZCRYPT_CEX6;
 903                         if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
 904                                 cur_mkvp = t->mkvp0;
 905                         if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
 906                                 old_mkvp = t->mkvp0;
 907                 } else {
 908                         /* unknown cca internal token type */
 909                         return -EINVAL;
 910                 }
 911                 rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 912                                    minhwtype, AES_MK_SET,
 913                                    cur_mkvp, old_mkvp, 1);
 914                 if (rc)
 915                         goto out;
 916         } else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA) {
 917                 u64 cur_mkvp = 0, old_mkvp = 0;
 918                 struct eccprivkeytoken *t = (struct eccprivkeytoken *)key;
 919
 920                 if (t->secid == 0x20) {
 921                         if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
 922                                 cur_mkvp = t->mkvp;
 923                         if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
 924                                 old_mkvp = t->mkvp;
 925                 } else {
 926                         /* unknown cca internal 2 token type */
 927                         return -EINVAL;
 928                 }
 929                 rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 930                                    ZCRYPT_CEX7, APKA_MK_SET,
 931                                    cur_mkvp, old_mkvp, 1);
 932                 if (rc)
 933                         goto out;
 934         } else
 935                 return -EINVAL;
 936
 937         if (apqns) {
 938                 if (*nr_apqns < _nr_apqns)
 939                         rc = -ENOSPC;
 940                 else
 941                         memcpy(apqns, _apqns, _nr_apqns * sizeof(u32));
 942         }
 943         *nr_apqns = _nr_apqns;
 944
 945 out:
 946         kfree(_apqns);
 947         return rc;
 948 }
 949
 950 static int pkey_apqns4keytype(enum pkey_key_type ktype,
 951                               u8 cur_mkvp[32], u8 alt_mkvp[32], u32 flags,
 952                               struct pkey_apqn *apqns, size_t *nr_apqns)
 953 {
 954         int rc;
 955         u32 _nr_apqns, *_apqns = NULL;
 956
 957         zcrypt_wait_api_operational();
 958
 959         if (ktype == PKEY_TYPE_CCA_DATA || ktype == PKEY_TYPE_CCA_CIPHER) {
 960                 u64 cur_mkvp = 0, old_mkvp = 0;
 961                 int minhwtype = ZCRYPT_CEX3C;
 962
 963                 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
 964                         cur_mkvp = *((u64 *) cur_mkvp);
 965                 if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
 966                         old_mkvp = *((u64 *) alt_mkvp);
 967                 if (ktype == PKEY_TYPE_CCA_CIPHER)
 968                         minhwtype = ZCRYPT_CEX6;
 969                 rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 970                                    minhwtype, AES_MK_SET,
 971                                    cur_mkvp, old_mkvp, 1);
 972                 if (rc)
 973                         goto out;
 974         } else if (ktype == PKEY_TYPE_CCA_ECC) {
 975                 u64 cur_mkvp = 0, old_mkvp = 0;
 976
 977                 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
 978                         cur_mkvp = *((u64 *) cur_mkvp);
 979                 if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
 980                         old_mkvp = *((u64 *) alt_mkvp);
 981                 rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 982                                    ZCRYPT_CEX7, APKA_MK_SET,
 983                                    cur_mkvp, old_mkvp, 1);
 984                 if (rc)
 985                         goto out;
 986
 987         } else if (ktype == PKEY_TYPE_EP11 ||
 988                    ktype == PKEY_TYPE_EP11_AES ||
 989                    ktype == PKEY_TYPE_EP11_ECC) {
 990                 u8 *wkvp = NULL;
 991
 992                 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
 993                         wkvp = cur_mkvp;
 994                 rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 995                                     ZCRYPT_CEX7, EP11_API_V, wkvp);
 996                 if (rc)
 997                         goto out;
 998
 999         } else
1000                 return -EINVAL;
1001
1002         if (apqns) {
1003                 if (*nr_apqns < _nr_apqns)
1004                         rc = -ENOSPC;
1005                 else
1006                         memcpy(apqns, _apqns, _nr_apqns * sizeof(u32));
1007         }
1008         *nr_apqns = _nr_apqns;
1009
1010 out:
1011         kfree(_apqns);
1012         return rc;
1013 }
1014
1015 static int pkey_keyblob2pkey3(const struct pkey_apqn *apqns, size_t nr_apqns,
1016                               const u8 *key, size_t keylen, u32 *protkeytype,
1017                               u8 *protkey, u32 *protkeylen)
1018 {
1019         int i, card, dom, rc;
1020         struct keytoken_header *hdr = (struct keytoken_header *)key;
1021
1022         /* check for at least one apqn given */
1023         if (!apqns || !nr_apqns)
1024                 return -EINVAL;
1025
1026         if (keylen < sizeof(struct keytoken_header))
1027                 return -EINVAL;
1028
1029         if (hdr->type == TOKTYPE_NON_CCA
1030             && hdr->version == TOKVER_EP11_AES_WITH_HEADER
1031             && is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) {
1032                 /* EP11 AES key blob with header */
1033                 if (ep11_check_aes_key_with_hdr(debug_info, 3, key, keylen, 1))
1034                         return -EINVAL;
1035         } else if (hdr->type == TOKTYPE_NON_CCA
1036                    && hdr->version == TOKVER_EP11_ECC_WITH_HEADER
1037                    && is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) {
1038                 /* EP11 ECC key blob with header */
1039                 if (ep11_check_ecc_key_with_hdr(debug_info, 3, key, keylen, 1))
1040                         return -EINVAL;
1041         } else if (hdr->type == TOKTYPE_NON_CCA
1042                    && hdr->version == TOKVER_EP11_AES
1043                    && is_ep11_keyblob(key)) {
1044                 /* EP11 AES key blob with header in session field */
1045                 if (ep11_check_aes_key(debug_info, 3, key, keylen, 1))
1046                         return -EINVAL;
1047         } else  if (hdr->type == TOKTYPE_CCA_INTERNAL) {
1048                 if (hdr->version == TOKVER_CCA_AES) {
1049                         /* CCA AES data key */
1050                         if (keylen != sizeof(struct secaeskeytoken))
1051                                 return -EINVAL;
1052                         if (cca_check_secaeskeytoken(debug_info, 3, key, 0))
1053                                 return -EINVAL;
1054                 } else if (hdr->version == TOKVER_CCA_VLSC) {
1055                         /* CCA AES cipher key */
1056                         if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE)
1057                                 return -EINVAL;
1058                         if (cca_check_secaescipherkey(debug_info, 3, key, 0, 1))
1059                                 return -EINVAL;
1060                 } else {
1061                         DEBUG_ERR("%s unknown CCA internal token version %d\n",
1062                                   __func__, hdr->version);
1063                         return -EINVAL;
1064                 }
1065         } else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA) {
1066                 /* CCA ECC (private) key */
1067                 if (keylen < sizeof(struct eccprivkeytoken))
1068                         return -EINVAL;
1069                 if (cca_check_sececckeytoken(debug_info, 3, key, keylen, 1))
1070                         return -EINVAL;
1071         } else if (hdr->type == TOKTYPE_NON_CCA) {
1072                 struct pkey_protkey pkey;
1073
1074                 rc = pkey_nonccatok2pkey(key, keylen, &pkey);
1075                 if (rc)
1076                         return rc;
1077                 memcpy(protkey, pkey.protkey, pkey.len);
1078                 *protkeylen = pkey.len;
1079                 *protkeytype = pkey.type;
1080                 return 0;
1081         } else {
1082                 DEBUG_ERR("%s unknown/unsupported blob type %d\n",
1083                           __func__, hdr->type);
1084                 return -EINVAL;
1085         }
1086
1087         /* simple try all apqns from the list */
1088         for (rc = -ENODEV, i = 0; rc && i < nr_apqns; i++) {
1089                 card = apqns[i].card;
1090                 dom = apqns[i].domain;
1091                 if (hdr->type == TOKTYPE_NON_CCA
1092                     && (hdr->version == TOKVER_EP11_AES_WITH_HEADER
1093                         || hdr->version == TOKVER_EP11_ECC_WITH_HEADER)
1094                     && is_ep11_keyblob(key + sizeof(struct ep11kblob_header)))
1095                         rc = ep11_kblob2protkey(card, dom, key, hdr->len,
1096                                                 protkey, protkeylen, protkeytype);
1097                 else if (hdr->type == TOKTYPE_NON_CCA
1098                          && hdr->version == TOKVER_EP11_AES
1099                          && is_ep11_keyblob(key))
1100                         rc = ep11_kblob2protkey(card, dom, key, hdr->len,
1101                                                 protkey, protkeylen, protkeytype);
1102                 else if (hdr->type == TOKTYPE_CCA_INTERNAL &&
1103                          hdr->version == TOKVER_CCA_AES)
1104                         rc = cca_sec2protkey(card, dom, key, protkey,
1105                                              protkeylen, protkeytype);
1106                 else if (hdr->type == TOKTYPE_CCA_INTERNAL &&
1107                          hdr->version == TOKVER_CCA_VLSC)
1108                         rc = cca_cipher2protkey(card, dom, key, protkey,
1109                                                 protkeylen, protkeytype);
1110                 else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA)
1111                         rc = cca_ecc2protkey(card, dom, key, protkey,
1112                                              protkeylen, protkeytype);
1113                 else
1114                         return -EINVAL;
1115         }
1116
1117         return rc;
1118 }
1119
1120 /*
1121  * File io functions
1122  */
1123
1124 static void *_copy_key_from_user(void __user *ukey, size_t keylen)
1125 {
1126         if (!ukey || keylen < MINKEYBLOBSIZE || keylen > KEYBLOBBUFSIZE)
1127                 return ERR_PTR(-EINVAL);
1128
1129         return memdup_user(ukey, keylen);
1130 }
1131
1132 static void *_copy_apqns_from_user(void __user *uapqns, size_t nr_apqns)
1133 {
1134         if (!uapqns || nr_apqns == 0)
1135                 return NULL;
1136
1137         return memdup_user(uapqns, nr_apqns * sizeof(struct pkey_apqn));
1138 }
1139
1140 static long pkey_unlocked_ioctl(struct file *filp, unsigned int cmd,
1141                                 unsigned long arg)
1142 {
1143         int rc;
1144
1145         switch (cmd) {
1146         case PKEY_GENSECK: {
1147                 struct pkey_genseck __user *ugs = (void __user *) arg;
1148                 struct pkey_genseck kgs;
1149
1150                 if (copy_from_user(&kgs, ugs, sizeof(kgs)))
1151                         return -EFAULT;
1152                 rc = cca_genseckey(kgs.cardnr, kgs.domain,
1153                                    kgs.keytype, kgs.seckey.seckey);
1154                 DEBUG_DBG("%s cca_genseckey()=%d\n", __func__, rc);
1155                 if (rc)
1156                         break;
1157                 if (copy_to_user(ugs, &kgs, sizeof(kgs)))
1158                         return -EFAULT;
1159                 break;
1160         }
1161         case PKEY_CLR2SECK: {
1162                 struct pkey_clr2seck __user *ucs = (void __user *) arg;
1163                 struct pkey_clr2seck kcs;
1164
1165                 if (copy_from_user(&kcs, ucs, sizeof(kcs)))
1166                         return -EFAULT;
1167                 rc = cca_clr2seckey(kcs.cardnr, kcs.domain, kcs.keytype,
1168                                     kcs.clrkey.clrkey, kcs.seckey.seckey);
1169                 DEBUG_DBG("%s cca_clr2seckey()=%d\n", __func__, rc);
1170                 if (rc)
1171                         break;
1172                 if (copy_to_user(ucs, &kcs, sizeof(kcs)))
1173                         return -EFAULT;
1174                 memzero_explicit(&kcs, sizeof(kcs));
1175                 break;
1176         }
1177         case PKEY_SEC2PROTK: {
1178                 struct pkey_sec2protk __user *usp = (void __user *) arg;
1179                 struct pkey_sec2protk ksp;
1180
1181                 if (copy_from_user(&ksp, usp, sizeof(ksp)))
1182                         return -EFAULT;
1183                 rc = cca_sec2protkey(ksp.cardnr, ksp.domain,
1184                                      ksp.seckey.seckey, ksp.protkey.protkey,
1185                                      &ksp.protkey.len, &ksp.protkey.type);
1186                 DEBUG_DBG("%s cca_sec2protkey()=%d\n", __func__, rc);
1187                 if (rc)
1188                         break;
1189                 if (copy_to_user(usp, &ksp, sizeof(ksp)))
1190                         return -EFAULT;
1191                 break;
1192         }
1193         case PKEY_CLR2PROTK: {
1194                 struct pkey_clr2protk __user *ucp = (void __user *) arg;
1195                 struct pkey_clr2protk kcp;
1196
1197                 if (copy_from_user(&kcp, ucp, sizeof(kcp)))
1198                         return -EFAULT;
1199                 rc = pkey_clr2protkey(kcp.keytype,
1200                                       &kcp.clrkey, &kcp.protkey);
1201                 DEBUG_DBG("%s pkey_clr2protkey()=%d\n", __func__, rc);
1202                 if (rc)
1203                         break;
1204                 if (copy_to_user(ucp, &kcp, sizeof(kcp)))
1205                         return -EFAULT;
1206                 memzero_explicit(&kcp, sizeof(kcp));
1207                 break;
1208         }
1209         case PKEY_FINDCARD: {
1210                 struct pkey_findcard __user *ufc = (void __user *) arg;
1211                 struct pkey_findcard kfc;
1212
1213                 if (copy_from_user(&kfc, ufc, sizeof(kfc)))
1214                         return -EFAULT;
1215                 rc = cca_findcard(kfc.seckey.seckey,
1216                                   &kfc.cardnr, &kfc.domain, 1);
1217                 DEBUG_DBG("%s cca_findcard()=%d\n", __func__, rc);
1218                 if (rc < 0)
1219                         break;
1220                 if (copy_to_user(ufc, &kfc, sizeof(kfc)))
1221                         return -EFAULT;
1222                 break;
1223         }
1224         case PKEY_SKEY2PKEY: {
1225                 struct pkey_skey2pkey __user *usp = (void __user *) arg;
1226                 struct pkey_skey2pkey ksp;
1227
1228                 if (copy_from_user(&ksp, usp, sizeof(ksp)))
1229                         return -EFAULT;
1230                 rc = pkey_skey2pkey(ksp.seckey.seckey, &ksp.protkey);
1231                 DEBUG_DBG("%s pkey_skey2pkey()=%d\n", __func__, rc);
1232                 if (rc)
1233                         break;
1234                 if (copy_to_user(usp, &ksp, sizeof(ksp)))
1235                         return -EFAULT;
1236                 break;
1237         }
1238         case PKEY_VERIFYKEY: {
1239                 struct pkey_verifykey __user *uvk = (void __user *) arg;
1240                 struct pkey_verifykey kvk;
1241
1242                 if (copy_from_user(&kvk, uvk, sizeof(kvk)))
1243                         return -EFAULT;
1244                 rc = pkey_verifykey(&kvk.seckey, &kvk.cardnr, &kvk.domain,
1245                                     &kvk.keysize, &kvk.attributes);
1246                 DEBUG_DBG("%s pkey_verifykey()=%d\n", __func__, rc);
1247                 if (rc)
1248                         break;
1249                 if (copy_to_user(uvk, &kvk, sizeof(kvk)))
1250                         return -EFAULT;
1251                 break;
1252         }
1253         case PKEY_GENPROTK: {
1254                 struct pkey_genprotk __user *ugp = (void __user *) arg;
1255                 struct pkey_genprotk kgp;
1256
1257                 if (copy_from_user(&kgp, ugp, sizeof(kgp)))
1258                         return -EFAULT;
1259                 rc = pkey_genprotkey(kgp.keytype, &kgp.protkey);
1260                 DEBUG_DBG("%s pkey_genprotkey()=%d\n", __func__, rc);
1261                 if (rc)
1262                         break;
1263                 if (copy_to_user(ugp, &kgp, sizeof(kgp)))
1264                         return -EFAULT;
1265                 break;
1266         }
1267         case PKEY_VERIFYPROTK: {
1268                 struct pkey_verifyprotk __user *uvp = (void __user *) arg;
1269                 struct pkey_verifyprotk kvp;
1270
1271                 if (copy_from_user(&kvp, uvp, sizeof(kvp)))
1272                         return -EFAULT;
1273                 rc = pkey_verifyprotkey(&kvp.protkey);
1274                 DEBUG_DBG("%s pkey_verifyprotkey()=%d\n", __func__, rc);
1275                 break;
1276         }
1277         case PKEY_KBLOB2PROTK: {
1278                 struct pkey_kblob2pkey __user *utp = (void __user *) arg;
1279                 struct pkey_kblob2pkey ktp;
1280                 u8 *kkey;
1281
1282                 if (copy_from_user(&ktp, utp, sizeof(ktp)))
1283                         return -EFAULT;
1284                 kkey = _copy_key_from_user(ktp.key, ktp.keylen);
1285                 if (IS_ERR(kkey))
1286                         return PTR_ERR(kkey);
1287                 rc = pkey_keyblob2pkey(kkey, ktp.keylen, &ktp.protkey);
1288                 DEBUG_DBG("%s pkey_keyblob2pkey()=%d\n", __func__, rc);
1289                 kfree(kkey);
1290                 if (rc)
1291                         break;
1292                 if (copy_to_user(utp, &ktp, sizeof(ktp)))
1293                         return -EFAULT;
1294                 break;
1295         }
1296         case PKEY_GENSECK2: {
1297                 struct pkey_genseck2 __user *ugs = (void __user *) arg;
1298                 struct pkey_genseck2 kgs;
1299                 struct pkey_apqn *apqns;
1300                 size_t klen = KEYBLOBBUFSIZE;
1301                 u8 *kkey;
1302
1303                 if (copy_from_user(&kgs, ugs, sizeof(kgs)))
1304                         return -EFAULT;
1305                 apqns = _copy_apqns_from_user(kgs.apqns, kgs.apqn_entries);
1306                 if (IS_ERR(apqns))
1307                         return PTR_ERR(apqns);
1308                 kkey = kmalloc(klen, GFP_KERNEL);
1309                 if (!kkey) {
1310                         kfree(apqns);
1311                         return -ENOMEM;
1312                 }
1313                 rc = pkey_genseckey2(apqns, kgs.apqn_entries,
1314                                      kgs.type, kgs.size, kgs.keygenflags,
1315                                      kkey, &klen);
1316                 DEBUG_DBG("%s pkey_genseckey2()=%d\n", __func__, rc);
1317                 kfree(apqns);
1318                 if (rc) {
1319                         kfree(kkey);
1320                         break;
1321                 }
1322                 if (kgs.key) {
1323                         if (kgs.keylen < klen) {
1324                                 kfree(kkey);
1325                                 return -EINVAL;
1326                         }
1327                         if (copy_to_user(kgs.key, kkey, klen)) {
1328                                 kfree(kkey);
1329                                 return -EFAULT;
1330                         }
1331                 }
1332                 kgs.keylen = klen;
1333                 if (copy_to_user(ugs, &kgs, sizeof(kgs)))
1334                         rc = -EFAULT;
1335                 kfree(kkey);
1336                 break;
1337         }
1338         case PKEY_CLR2SECK2: {
1339                 struct pkey_clr2seck2 __user *ucs = (void __user *) arg;
1340                 struct pkey_clr2seck2 kcs;
1341                 struct pkey_apqn *apqns;
1342                 size_t klen = KEYBLOBBUFSIZE;
1343                 u8 *kkey;
1344
1345                 if (copy_from_user(&kcs, ucs, sizeof(kcs)))
1346                         return -EFAULT;
1347                 apqns = _copy_apqns_from_user(kcs.apqns, kcs.apqn_entries);
1348                 if (IS_ERR(apqns))
1349                         return PTR_ERR(apqns);
1350                 kkey = kmalloc(klen, GFP_KERNEL);
1351                 if (!kkey) {
1352                         kfree(apqns);
1353                         return -ENOMEM;
1354                 }
1355                 rc = pkey_clr2seckey2(apqns, kcs.apqn_entries,
1356                                       kcs.type, kcs.size, kcs.keygenflags,
1357                                       kcs.clrkey.clrkey, kkey, &klen);
1358                 DEBUG_DBG("%s pkey_clr2seckey2()=%d\n", __func__, rc);
1359                 kfree(apqns);
1360                 if (rc) {
1361                         kfree(kkey);
1362                         break;
1363                 }
1364                 if (kcs.key) {
1365                         if (kcs.keylen < klen) {
1366                                 kfree(kkey);
1367                                 return -EINVAL;
1368                         }
1369                         if (copy_to_user(kcs.key, kkey, klen)) {
1370                                 kfree(kkey);
1371                                 return -EFAULT;
1372                         }
1373                 }
1374                 kcs.keylen = klen;
1375                 if (copy_to_user(ucs, &kcs, sizeof(kcs)))
1376                         rc = -EFAULT;
1377                 memzero_explicit(&kcs, sizeof(kcs));
1378                 kfree(kkey);
1379                 break;
1380         }
1381         case PKEY_VERIFYKEY2: {
1382                 struct pkey_verifykey2 __user *uvk = (void __user *) arg;
1383                 struct pkey_verifykey2 kvk;
1384                 u8 *kkey;
1385
1386                 if (copy_from_user(&kvk, uvk, sizeof(kvk)))
1387                         return -EFAULT;
1388                 kkey = _copy_key_from_user(kvk.key, kvk.keylen);
1389                 if (IS_ERR(kkey))
1390                         return PTR_ERR(kkey);
1391                 rc = pkey_verifykey2(kkey, kvk.keylen,
1392                                      &kvk.cardnr, &kvk.domain,
1393                                      &kvk.type, &kvk.size, &kvk.flags);
1394                 DEBUG_DBG("%s pkey_verifykey2()=%d\n", __func__, rc);
1395                 kfree(kkey);
1396                 if (rc)
1397                         break;
1398                 if (copy_to_user(uvk, &kvk, sizeof(kvk)))
1399                         return -EFAULT;
1400                 break;
1401         }
1402         case PKEY_KBLOB2PROTK2: {
1403                 struct pkey_kblob2pkey2 __user *utp = (void __user *) arg;
1404                 struct pkey_kblob2pkey2 ktp;
1405                 struct pkey_apqn *apqns = NULL;
1406                 u8 *kkey;
1407
1408                 if (copy_from_user(&ktp, utp, sizeof(ktp)))
1409                         return -EFAULT;
1410                 apqns = _copy_apqns_from_user(ktp.apqns, ktp.apqn_entries);
1411                 if (IS_ERR(apqns))
1412                         return PTR_ERR(apqns);
1413                 kkey = _copy_key_from_user(ktp.key, ktp.keylen);
1414                 if (IS_ERR(kkey)) {
1415                         kfree(apqns);
1416                         return PTR_ERR(kkey);
1417                 }
1418                 rc = pkey_keyblob2pkey2(apqns, ktp.apqn_entries,
1419                                         kkey, ktp.keylen, &ktp.protkey);
1420                 DEBUG_DBG("%s pkey_keyblob2pkey2()=%d\n", __func__, rc);
1421                 kfree(apqns);
1422                 kfree(kkey);
1423                 if (rc)
1424                         break;
1425                 if (copy_to_user(utp, &ktp, sizeof(ktp)))
1426                         return -EFAULT;
1427                 break;
1428         }
1429         case PKEY_APQNS4K: {
1430                 struct pkey_apqns4key __user *uak = (void __user *) arg;
1431                 struct pkey_apqns4key kak;
1432                 struct pkey_apqn *apqns = NULL;
1433                 size_t nr_apqns, len;
1434                 u8 *kkey;
1435
1436                 if (copy_from_user(&kak, uak, sizeof(kak)))
1437                         return -EFAULT;
1438                 nr_apqns = kak.apqn_entries;
1439                 if (nr_apqns) {
1440                         apqns = kmalloc_array(nr_apqns,
1441                                               sizeof(struct pkey_apqn),
1442                                               GFP_KERNEL);
1443                         if (!apqns)
1444                                 return -ENOMEM;
1445                 }
1446                 kkey = _copy_key_from_user(kak.key, kak.keylen);
1447                 if (IS_ERR(kkey)) {
1448                         kfree(apqns);
1449                         return PTR_ERR(kkey);
1450                 }
1451                 rc = pkey_apqns4key(kkey, kak.keylen, kak.flags,
1452                                     apqns, &nr_apqns);
1453                 DEBUG_DBG("%s pkey_apqns4key()=%d\n", __func__, rc);
1454                 kfree(kkey);
1455                 if (rc && rc != -ENOSPC) {
1456                         kfree(apqns);
1457                         break;
1458                 }
1459                 if (!rc && kak.apqns) {
1460                         if (nr_apqns > kak.apqn_entries) {
1461                                 kfree(apqns);
1462                                 return -EINVAL;
1463                         }
1464                         len = nr_apqns * sizeof(struct pkey_apqn);
1465                         if (len) {
1466                                 if (copy_to_user(kak.apqns, apqns, len)) {
1467                                         kfree(apqns);
1468                                         return -EFAULT;
1469                                 }
1470                         }
1471                 }
1472                 kak.apqn_entries = nr_apqns;
1473                 if (copy_to_user(uak, &kak, sizeof(kak)))
1474                         rc = -EFAULT;
1475                 kfree(apqns);
1476                 break;
1477         }
1478         case PKEY_APQNS4KT: {
1479                 struct pkey_apqns4keytype __user *uat = (void __user *) arg;
1480                 struct pkey_apqns4keytype kat;
1481                 struct pkey_apqn *apqns = NULL;
1482                 size_t nr_apqns, len;
1483
1484                 if (copy_from_user(&kat, uat, sizeof(kat)))
1485                         return -EFAULT;
1486                 nr_apqns = kat.apqn_entries;
1487                 if (nr_apqns) {
1488                         apqns = kmalloc_array(nr_apqns,
1489                                               sizeof(struct pkey_apqn),
1490                                               GFP_KERNEL);
1491                         if (!apqns)
1492                                 return -ENOMEM;
1493                 }
1494                 rc = pkey_apqns4keytype(kat.type, kat.cur_mkvp, kat.alt_mkvp,
1495                                         kat.flags, apqns, &nr_apqns);
1496                 DEBUG_DBG("%s pkey_apqns4keytype()=%d\n", __func__, rc);
1497                 if (rc && rc != -ENOSPC) {
1498                         kfree(apqns);
1499                         break;
1500                 }
1501                 if (!rc && kat.apqns) {
1502                         if (nr_apqns > kat.apqn_entries) {
1503                                 kfree(apqns);
1504                                 return -EINVAL;
1505                         }
1506                         len = nr_apqns * sizeof(struct pkey_apqn);
1507                         if (len) {
1508                                 if (copy_to_user(kat.apqns, apqns, len)) {
1509                                         kfree(apqns);
1510                                         return -EFAULT;
1511                                 }
1512                         }
1513                 }
1514                 kat.apqn_entries = nr_apqns;
1515                 if (copy_to_user(uat, &kat, sizeof(kat)))
1516                         rc = -EFAULT;
1517                 kfree(apqns);
1518                 break;
1519         }
1520         case PKEY_KBLOB2PROTK3: {
1521                 struct pkey_kblob2pkey3 __user *utp = (void __user *) arg;
1522                 struct pkey_kblob2pkey3 ktp;
1523                 struct pkey_apqn *apqns = NULL;
1524                 u32 protkeylen = PROTKEYBLOBBUFSIZE;
1525                 u8 *kkey, *protkey;
1526
1527                 if (copy_from_user(&ktp, utp, sizeof(ktp)))
1528                         return -EFAULT;
1529                 apqns = _copy_apqns_from_user(ktp.apqns, ktp.apqn_entries);
1530                 if (IS_ERR(apqns))
1531                         return PTR_ERR(apqns);
1532                 kkey = _copy_key_from_user(ktp.key, ktp.keylen);
1533                 if (IS_ERR(kkey)) {
1534                         kfree(apqns);
1535                         return PTR_ERR(kkey);
1536                 }
1537                 protkey = kmalloc(protkeylen, GFP_KERNEL);
1538                 if (!protkey) {
1539                         kfree(apqns);
1540                         kfree(kkey);
1541                         return -ENOMEM;
1542                 }
1543                 rc = pkey_keyblob2pkey3(apqns, ktp.apqn_entries, kkey,
1544                                         ktp.keylen, &ktp.pkeytype,
1545                                         protkey, &protkeylen);
1546                 DEBUG_DBG("%s pkey_keyblob2pkey3()=%d\n", __func__, rc);
1547                 kfree(apqns);
1548                 kfree(kkey);
1549                 if (rc) {
1550                         kfree(protkey);
1551                         break;
1552                 }
1553                 if (ktp.pkey && ktp.pkeylen) {
1554                         if (protkeylen > ktp.pkeylen) {
1555                                 kfree(protkey);
1556                                 return -EINVAL;
1557                         }
1558                         if (copy_to_user(ktp.pkey, protkey, protkeylen)) {
1559                                 kfree(protkey);
1560                                 return -EFAULT;
1561                         }
1562                 }
1563                 kfree(protkey);
1564                 ktp.pkeylen = protkeylen;
1565                 if (copy_to_user(utp, &ktp, sizeof(ktp)))
1566                         return -EFAULT;
1567                 break;
1568         }
1569         default:
1570                 /* unknown/unsupported ioctl cmd */
1571                 return -ENOTTY;
1572         }
1573
1574         return rc;
1575 }
1576
1577 /*
1578  * Sysfs and file io operations
1579  */
1580
1581 /*
1582  * Sysfs attribute read function for all protected key binary attributes.
1583  * The implementation can not deal with partial reads, because a new random
1584  * protected key blob is generated with each read. In case of partial reads
1585  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
1586  */
1587 static ssize_t pkey_protkey_aes_attr_read(u32 keytype, bool is_xts, char *buf,
1588                                           loff_t off, size_t count)
1589 {
1590         struct protaeskeytoken protkeytoken;
1591         struct pkey_protkey protkey;
1592         int rc;
1593
1594         if (off != 0 || count < sizeof(protkeytoken))
1595                 return -EINVAL;
1596         if (is_xts)
1597                 if (count < 2 * sizeof(protkeytoken))
1598                         return -EINVAL;
1599
1600         memset(&protkeytoken, 0, sizeof(protkeytoken));
1601         protkeytoken.type = TOKTYPE_NON_CCA;
1602         protkeytoken.version = TOKVER_PROTECTED_KEY;
1603         protkeytoken.keytype = keytype;
1604
1605         rc = pkey_genprotkey(protkeytoken.keytype, &protkey);
1606         if (rc)
1607                 return rc;
1608
1609         protkeytoken.len = protkey.len;
1610         memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len);
1611
1612         memcpy(buf, &protkeytoken, sizeof(protkeytoken));
1613
1614         if (is_xts) {
1615                 rc = pkey_genprotkey(protkeytoken.keytype, &protkey);
1616                 if (rc)
1617                         return rc;
1618
1619                 protkeytoken.len = protkey.len;
1620                 memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len);
1621
1622                 memcpy(buf + sizeof(protkeytoken), &protkeytoken,
1623                        sizeof(protkeytoken));
1624
1625                 return 2 * sizeof(protkeytoken);
1626         }
1627
1628         return sizeof(protkeytoken);
1629 }
1630
1631 static ssize_t protkey_aes_128_read(struct file *filp,
1632                                     struct kobject *kobj,
1633                                     struct bin_attribute *attr,
1634                                     char *buf, loff_t off,
1635                                     size_t count)
1636 {
1637         return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf,
1638                                           off, count);
1639 }
1640
1641 static ssize_t protkey_aes_192_read(struct file *filp,
1642                                     struct kobject *kobj,
1643                                     struct bin_attribute *attr,
1644                                     char *buf, loff_t off,
1645                                     size_t count)
1646 {
1647         return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf,
1648                                           off, count);
1649 }
1650
1651 static ssize_t protkey_aes_256_read(struct file *filp,
1652                                     struct kobject *kobj,
1653                                     struct bin_attribute *attr,
1654                                     char *buf, loff_t off,
1655                                     size_t count)
1656 {
1657         return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf,
1658                                           off, count);
1659 }
1660
1661 static ssize_t protkey_aes_128_xts_read(struct file *filp,
1662                                         struct kobject *kobj,
1663                                         struct bin_attribute *attr,
1664                                         char *buf, loff_t off,
1665                                         size_t count)
1666 {
1667         return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf,
1668                                           off, count);
1669 }
1670
1671 static ssize_t protkey_aes_256_xts_read(struct file *filp,
1672                                         struct kobject *kobj,
1673                                         struct bin_attribute *attr,
1674                                         char *buf, loff_t off,
1675                                         size_t count)
1676 {
1677         return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf,
1678                                           off, count);
1679 }
1680
1681 static BIN_ATTR_RO(protkey_aes_128, sizeof(struct protaeskeytoken));
1682 static BIN_ATTR_RO(protkey_aes_192, sizeof(struct protaeskeytoken));
1683 static BIN_ATTR_RO(protkey_aes_256, sizeof(struct protaeskeytoken));
1684 static BIN_ATTR_RO(protkey_aes_128_xts, 2 * sizeof(struct protaeskeytoken));
1685 static BIN_ATTR_RO(protkey_aes_256_xts, 2 * sizeof(struct protaeskeytoken));
1686
1687 static struct bin_attribute *protkey_attrs[] = {
1688         &bin_attr_protkey_aes_128,
1689         &bin_attr_protkey_aes_192,
1690         &bin_attr_protkey_aes_256,
1691         &bin_attr_protkey_aes_128_xts,
1692         &bin_attr_protkey_aes_256_xts,
1693         NULL
1694 };
1695
1696 static struct attribute_group protkey_attr_group = {
1697         .name      = "protkey",
1698         .bin_attrs = protkey_attrs,
1699 };
1700
1701 /*
1702  * Sysfs attribute read function for all secure key ccadata binary attributes.
1703  * The implementation can not deal with partial reads, because a new random
1704  * protected key blob is generated with each read. In case of partial reads
1705  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
1706  */
1707 static ssize_t pkey_ccadata_aes_attr_read(u32 keytype, bool is_xts, char *buf,
1708                                           loff_t off, size_t count)
1709 {
1710         int rc;
1711         struct pkey_seckey *seckey = (struct pkey_seckey *) buf;
1712
1713         if (off != 0 || count < sizeof(struct secaeskeytoken))
1714                 return -EINVAL;
1715         if (is_xts)
1716                 if (count < 2 * sizeof(struct secaeskeytoken))
1717                         return -EINVAL;
1718
1719         rc = cca_genseckey(-1, -1, keytype, seckey->seckey);
1720         if (rc)
1721                 return rc;
1722
1723         if (is_xts) {
1724                 seckey++;
1725                 rc = cca_genseckey(-1, -1, keytype, seckey->seckey);
1726                 if (rc)
1727                         return rc;
1728
1729                 return 2 * sizeof(struct secaeskeytoken);
1730         }
1731
1732         return sizeof(struct secaeskeytoken);
1733 }
1734
1735 static ssize_t ccadata_aes_128_read(struct file *filp,
1736                                     struct kobject *kobj,
1737                                     struct bin_attribute *attr,
1738                                     char *buf, loff_t off,
1739                                     size_t count)
1740 {
1741         return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf,
1742                                           off, count);
1743 }
1744
1745 static ssize_t ccadata_aes_192_read(struct file *filp,
1746                                     struct kobject *kobj,
1747                                     struct bin_attribute *attr,
1748                                     char *buf, loff_t off,
1749                                     size_t count)
1750 {
1751         return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf,
1752                                           off, count);
1753 }
1754
1755 static ssize_t ccadata_aes_256_read(struct file *filp,
1756                                     struct kobject *kobj,
1757                                     struct bin_attribute *attr,
1758                                     char *buf, loff_t off,
1759                                     size_t count)
1760 {
1761         return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf,
1762                                           off, count);
1763 }
1764
1765 static ssize_t ccadata_aes_128_xts_read(struct file *filp,
1766                                         struct kobject *kobj,
1767                                         struct bin_attribute *attr,
1768                                         char *buf, loff_t off,
1769                                         size_t count)
1770 {
1771         return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf,
1772                                           off, count);
1773 }
1774
1775 static ssize_t ccadata_aes_256_xts_read(struct file *filp,
1776                                         struct kobject *kobj,
1777                                         struct bin_attribute *attr,
1778                                         char *buf, loff_t off,
1779                                         size_t count)
1780 {
1781         return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf,
1782                                           off, count);
1783 }
1784
1785 static BIN_ATTR_RO(ccadata_aes_128, sizeof(struct secaeskeytoken));
1786 static BIN_ATTR_RO(ccadata_aes_192, sizeof(struct secaeskeytoken));
1787 static BIN_ATTR_RO(ccadata_aes_256, sizeof(struct secaeskeytoken));
1788 static BIN_ATTR_RO(ccadata_aes_128_xts, 2 * sizeof(struct secaeskeytoken));
1789 static BIN_ATTR_RO(ccadata_aes_256_xts, 2 * sizeof(struct secaeskeytoken));
1790
1791 static struct bin_attribute *ccadata_attrs[] = {
1792         &bin_attr_ccadata_aes_128,
1793         &bin_attr_ccadata_aes_192,
1794         &bin_attr_ccadata_aes_256,
1795         &bin_attr_ccadata_aes_128_xts,
1796         &bin_attr_ccadata_aes_256_xts,
1797         NULL
1798 };
1799
1800 static struct attribute_group ccadata_attr_group = {
1801         .name      = "ccadata",
1802         .bin_attrs = ccadata_attrs,
1803 };
1804
1805 #define CCACIPHERTOKENSIZE      (sizeof(struct cipherkeytoken) + 80)
1806
1807 /*
1808  * Sysfs attribute read function for all secure key ccacipher binary attributes.
1809  * The implementation can not deal with partial reads, because a new random
1810  * secure key blob is generated with each read. In case of partial reads
1811  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
1812  */
1813 static ssize_t pkey_ccacipher_aes_attr_read(enum pkey_key_size keybits,
1814                                             bool is_xts, char *buf, loff_t off,
1815                                             size_t count)
1816 {
1817         int i, rc, card, dom;
1818         u32 nr_apqns, *apqns = NULL;
1819         size_t keysize = CCACIPHERTOKENSIZE;
1820
1821         if (off != 0 || count < CCACIPHERTOKENSIZE)
1822                 return -EINVAL;
1823         if (is_xts)
1824                 if (count < 2 * CCACIPHERTOKENSIZE)
1825                         return -EINVAL;
1826
1827         /* build a list of apqns able to generate an cipher key */
1828         rc = cca_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
1829                            ZCRYPT_CEX6, 0, 0, 0, 0);
1830         if (rc)
1831                 return rc;
1832
1833         memset(buf, 0, is_xts ? 2 * keysize : keysize);
1834
1835         /* simple try all apqns from the list */
1836         for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
1837                 card = apqns[i] >> 16;
1838                 dom = apqns[i] & 0xFFFF;
1839                 rc = cca_gencipherkey(card, dom, keybits, 0, buf, &keysize);
1840                 if (rc == 0)
1841                         break;
1842         }
1843         if (rc)
1844                 return rc;
1845
1846         if (is_xts) {
1847                 keysize = CCACIPHERTOKENSIZE;
1848                 buf += CCACIPHERTOKENSIZE;
1849                 rc = cca_gencipherkey(card, dom, keybits, 0, buf, &keysize);
1850                 if (rc == 0)
1851                         return 2 * CCACIPHERTOKENSIZE;
1852         }
1853
1854         return CCACIPHERTOKENSIZE;
1855 }
1856
1857 static ssize_t ccacipher_aes_128_read(struct file *filp,
1858                                       struct kobject *kobj,
1859                                       struct bin_attribute *attr,
1860                                       char *buf, loff_t off,
1861                                       size_t count)
1862 {
1863         return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, false, buf,
1864                                             off, count);
1865 }
1866
1867 static ssize_t ccacipher_aes_192_read(struct file *filp,
1868                                       struct kobject *kobj,
1869                                       struct bin_attribute *attr,
1870                                       char *buf, loff_t off,
1871                                       size_t count)
1872 {
1873         return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_192, false, buf,
1874                                             off, count);
1875 }
1876
1877 static ssize_t ccacipher_aes_256_read(struct file *filp,
1878                                       struct kobject *kobj,
1879                                       struct bin_attribute *attr,
1880                                       char *buf, loff_t off,
1881                                       size_t count)
1882 {
1883         return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, false, buf,
1884                                             off, count);
1885 }
1886
1887 static ssize_t ccacipher_aes_128_xts_read(struct file *filp,
1888                                           struct kobject *kobj,
1889                                           struct bin_attribute *attr,
1890                                           char *buf, loff_t off,
1891                                           size_t count)
1892 {
1893         return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, true, buf,
1894                                             off, count);
1895 }
1896
1897 static ssize_t ccacipher_aes_256_xts_read(struct file *filp,
1898                                           struct kobject *kobj,
1899                                           struct bin_attribute *attr,
1900                                           char *buf, loff_t off,
1901                                           size_t count)
1902 {
1903         return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, true, buf,
1904                                             off, count);
1905 }
1906
1907 static BIN_ATTR_RO(ccacipher_aes_128, CCACIPHERTOKENSIZE);
1908 static BIN_ATTR_RO(ccacipher_aes_192, CCACIPHERTOKENSIZE);
1909 static BIN_ATTR_RO(ccacipher_aes_256, CCACIPHERTOKENSIZE);
1910 static BIN_ATTR_RO(ccacipher_aes_128_xts, 2 * CCACIPHERTOKENSIZE);
1911 static BIN_ATTR_RO(ccacipher_aes_256_xts, 2 * CCACIPHERTOKENSIZE);
1912
1913 static struct bin_attribute *ccacipher_attrs[] = {
1914         &bin_attr_ccacipher_aes_128,
1915         &bin_attr_ccacipher_aes_192,
1916         &bin_attr_ccacipher_aes_256,
1917         &bin_attr_ccacipher_aes_128_xts,
1918         &bin_attr_ccacipher_aes_256_xts,
1919         NULL
1920 };
1921
1922 static struct attribute_group ccacipher_attr_group = {
1923         .name      = "ccacipher",
1924         .bin_attrs = ccacipher_attrs,
1925 };
1926
1927 /*
1928  * Sysfs attribute read function for all ep11 aes key binary attributes.
1929  * The implementation can not deal with partial reads, because a new random
1930  * secure key blob is generated with each read. In case of partial reads
1931  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
1932  * This function and the sysfs attributes using it provide EP11 key blobs
1933  * padded to the upper limit of MAXEP11AESKEYBLOBSIZE which is currently
1934  * 320 bytes.
1935  */
1936 static ssize_t pkey_ep11_aes_attr_read(enum pkey_key_size keybits,
1937                                        bool is_xts, char *buf, loff_t off,
1938                                        size_t count)
1939 {
1940         int i, rc, card, dom;
1941         u32 nr_apqns, *apqns = NULL;
1942         size_t keysize = MAXEP11AESKEYBLOBSIZE;
1943
1944         if (off != 0 || count < MAXEP11AESKEYBLOBSIZE)
1945                 return -EINVAL;
1946         if (is_xts)
1947                 if (count < 2 * MAXEP11AESKEYBLOBSIZE)
1948                         return -EINVAL;
1949
1950         /* build a list of apqns able to generate an cipher key */
1951         rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
1952                             ZCRYPT_CEX7, EP11_API_V, NULL);
1953         if (rc)
1954                 return rc;
1955
1956         memset(buf, 0, is_xts ? 2 * keysize : keysize);
1957
1958         /* simple try all apqns from the list */
1959         for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
1960                 card = apqns[i] >> 16;
1961                 dom = apqns[i] & 0xFFFF;
1962                 rc = ep11_genaeskey(card, dom, keybits, 0, buf, &keysize);
1963                 if (rc == 0)
1964                         break;
1965         }
1966         if (rc)
1967                 return rc;
1968
1969         if (is_xts) {
1970                 keysize = MAXEP11AESKEYBLOBSIZE;
1971                 buf += MAXEP11AESKEYBLOBSIZE;
1972                 rc = ep11_genaeskey(card, dom, keybits, 0, buf, &keysize);
1973                 if (rc == 0)
1974                         return 2 * MAXEP11AESKEYBLOBSIZE;
1975         }
1976
1977         return MAXEP11AESKEYBLOBSIZE;
1978 }
1979
1980 static ssize_t ep11_aes_128_read(struct file *filp,
1981                                  struct kobject *kobj,
1982                                  struct bin_attribute *attr,
1983                                  char *buf, loff_t off,
1984                                  size_t count)
1985 {
1986         return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, false, buf,
1987                                        off, count);
1988 }
1989
1990 static ssize_t ep11_aes_192_read(struct file *filp,
1991                                  struct kobject *kobj,
1992                                  struct bin_attribute *attr,
1993                                  char *buf, loff_t off,
1994                                  size_t count)
1995 {
1996         return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_192, false, buf,
1997                                        off, count);
1998 }
1999
2000 static ssize_t ep11_aes_256_read(struct file *filp,
2001                                  struct kobject *kobj,
2002                                  struct bin_attribute *attr,
2003                                  char *buf, loff_t off,
2004                                  size_t count)
2005 {
2006         return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, false, buf,
2007                                        off, count);
2008 }
2009
2010 static ssize_t ep11_aes_128_xts_read(struct file *filp,
2011                                      struct kobject *kobj,
2012                                      struct bin_attribute *attr,
2013                                      char *buf, loff_t off,
2014                                      size_t count)
2015 {
2016         return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, true, buf,
2017                                        off, count);
2018 }
2019
2020 static ssize_t ep11_aes_256_xts_read(struct file *filp,
2021                                      struct kobject *kobj,
2022                                      struct bin_attribute *attr,
2023                                      char *buf, loff_t off,
2024                                      size_t count)
2025 {
2026         return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, true, buf,
2027                                        off, count);
2028 }
2029
2030 static BIN_ATTR_RO(ep11_aes_128, MAXEP11AESKEYBLOBSIZE);
2031 static BIN_ATTR_RO(ep11_aes_192, MAXEP11AESKEYBLOBSIZE);
2032 static BIN_ATTR_RO(ep11_aes_256, MAXEP11AESKEYBLOBSIZE);
2033 static BIN_ATTR_RO(ep11_aes_128_xts, 2 * MAXEP11AESKEYBLOBSIZE);
2034 static BIN_ATTR_RO(ep11_aes_256_xts, 2 * MAXEP11AESKEYBLOBSIZE);
2035
2036 static struct bin_attribute *ep11_attrs[] = {
2037         &bin_attr_ep11_aes_128,
2038         &bin_attr_ep11_aes_192,
2039         &bin_attr_ep11_aes_256,
2040         &bin_attr_ep11_aes_128_xts,
2041         &bin_attr_ep11_aes_256_xts,
2042         NULL
2043 };
2044
2045 static struct attribute_group ep11_attr_group = {
2046         .name      = "ep11",
2047         .bin_attrs = ep11_attrs,
2048 };
2049
2050 static const struct attribute_group *pkey_attr_groups[] = {
2051         &protkey_attr_group,
2052         &ccadata_attr_group,
2053         &ccacipher_attr_group,
2054         &ep11_attr_group,
2055         NULL,
2056 };
2057
2058 static const struct file_operations pkey_fops = {
2059         .owner          = THIS_MODULE,
2060         .open           = nonseekable_open,
2061         .llseek         = no_llseek,
2062         .unlocked_ioctl = pkey_unlocked_ioctl,
2063 };
2064
2065 static struct miscdevice pkey_dev = {
2066         .name   = "pkey",
2067         .minor  = MISC_DYNAMIC_MINOR,
2068         .mode   = 0666,
2069         .fops   = &pkey_fops,
2070         .groups = pkey_attr_groups,
2071 };
2072
2073 /*
2074  * Module init
2075  */
2076 static int __init pkey_init(void)
2077 {
2078         cpacf_mask_t func_mask;
2079
2080         /*
2081          * The pckmo instruction should be available - even if we don't
2082          * actually invoke it. This instruction comes with MSA 3 which
2083          * is also the minimum level for the kmc instructions which
2084          * are able to work with protected keys.
2085          */
2086         if (!cpacf_query(CPACF_PCKMO, &func_mask))
2087                 return -ENODEV;
2088
2089         /* check for kmc instructions available */
2090         if (!cpacf_query(CPACF_KMC, &func_mask))
2091                 return -ENODEV;
2092         if (!cpacf_test_func(&func_mask, CPACF_KMC_PAES_128) ||
2093             !cpacf_test_func(&func_mask, CPACF_KMC_PAES_192) ||
2094             !cpacf_test_func(&func_mask, CPACF_KMC_PAES_256))
2095                 return -ENODEV;
2096
2097         pkey_debug_init();
2098
2099         return misc_register(&pkey_dev);
2100 }
2101
2102 /*
2103  * Module exit
2104  */
2105 static void __exit pkey_exit(void)
2106 {
2107         misc_deregister(&pkey_dev);
2108         pkey_debug_exit();
2109 }
2110
2111 module_cpu_feature_match(MSA, pkey_init);
2112 module_exit(pkey_exit);