• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  *  pkey device driver
4  *
5  *  Copyright IBM Corp. 2017,2019
6  *  Author(s): Harald Freudenberger
7  */
8 
9 #define KMSG_COMPONENT "pkey"
10 #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
11 
12 #include <linux/fs.h>
13 #include <linux/init.h>
14 #include <linux/miscdevice.h>
15 #include <linux/module.h>
16 #include <linux/slab.h>
17 #include <linux/kallsyms.h>
18 #include <linux/debugfs.h>
19 #include <linux/random.h>
20 #include <linux/cpufeature.h>
21 #include <asm/zcrypt.h>
22 #include <asm/cpacf.h>
23 #include <asm/pkey.h>
24 #include <crypto/aes.h>
25 
26 #include "zcrypt_api.h"
27 #include "zcrypt_ccamisc.h"
28 #include "zcrypt_ep11misc.h"
29 
30 MODULE_LICENSE("GPL");
31 MODULE_AUTHOR("IBM Corporation");
32 MODULE_DESCRIPTION("s390 protected key interface");
33 
34 #define KEYBLOBBUFSIZE 8192	/* key buffer size used for internal processing */
35 #define PROTKEYBLOBBUFSIZE 256	/* protected key buffer size used internal */
36 #define MAXAPQNSINLIST 64	/* max 64 apqns within a apqn list */
37 
38 /*
39  * debug feature data and functions
40  */
41 
42 static debug_info_t *debug_info;
43 
44 #define DEBUG_DBG(...)	debug_sprintf_event(debug_info, 6, ##__VA_ARGS__)
45 #define DEBUG_INFO(...) debug_sprintf_event(debug_info, 5, ##__VA_ARGS__)
46 #define DEBUG_WARN(...) debug_sprintf_event(debug_info, 4, ##__VA_ARGS__)
47 #define DEBUG_ERR(...)	debug_sprintf_event(debug_info, 3, ##__VA_ARGS__)
48 
pkey_debug_init(void)49 static void __init pkey_debug_init(void)
50 {
51 	/* 5 arguments per dbf entry (including the format string ptr) */
52 	debug_info = debug_register("pkey", 1, 1, 5 * sizeof(long));
53 	debug_register_view(debug_info, &debug_sprintf_view);
54 	debug_set_level(debug_info, 3);
55 }
56 
pkey_debug_exit(void)57 static void __exit pkey_debug_exit(void)
58 {
59 	debug_unregister(debug_info);
60 }
61 
62 /* inside view of a protected key token (only type 0x00 version 0x01) */
63 struct protaeskeytoken {
64 	u8  type;     /* 0x00 for PAES specific key tokens */
65 	u8  res0[3];
66 	u8  version;  /* should be 0x01 for protected AES key token */
67 	u8  res1[3];
68 	u32 keytype;  /* key type, one of the PKEY_KEYTYPE values */
69 	u32 len;      /* bytes actually stored in protkey[] */
70 	u8  protkey[MAXPROTKEYSIZE]; /* the protected key blob */
71 } __packed;
72 
73 /* inside view of a clear key token (type 0x00 version 0x02) */
74 struct clearaeskeytoken {
75 	u8  type;	 /* 0x00 for PAES specific key tokens */
76 	u8  res0[3];
77 	u8  version;	 /* 0x02 for clear AES key token */
78 	u8  res1[3];
79 	u32 keytype;	 /* key type, one of the PKEY_KEYTYPE values */
80 	u32 len;	 /* bytes actually stored in clearkey[] */
81 	u8  clearkey[]; /* clear key value */
82 } __packed;
83 
84 /*
85  * Create a protected key from a clear key value.
86  */
pkey_clr2protkey(u32 keytype,const struct pkey_clrkey * clrkey,struct pkey_protkey * protkey)87 static int pkey_clr2protkey(u32 keytype,
88 			    const struct pkey_clrkey *clrkey,
89 			    struct pkey_protkey *protkey)
90 {
91 	/* mask of available pckmo subfunctions */
92 	static cpacf_mask_t pckmo_functions;
93 
94 	long fc;
95 	int keysize;
96 	u8 paramblock[64];
97 
98 	switch (keytype) {
99 	case PKEY_KEYTYPE_AES_128:
100 		keysize = 16;
101 		fc = CPACF_PCKMO_ENC_AES_128_KEY;
102 		break;
103 	case PKEY_KEYTYPE_AES_192:
104 		keysize = 24;
105 		fc = CPACF_PCKMO_ENC_AES_192_KEY;
106 		break;
107 	case PKEY_KEYTYPE_AES_256:
108 		keysize = 32;
109 		fc = CPACF_PCKMO_ENC_AES_256_KEY;
110 		break;
111 	default:
112 		DEBUG_ERR("%s unknown/unsupported keytype %d\n",
113 			  __func__, keytype);
114 		return -EINVAL;
115 	}
116 
117 	/* Did we already check for PCKMO ? */
118 	if (!pckmo_functions.bytes[0]) {
119 		/* no, so check now */
120 		if (!cpacf_query(CPACF_PCKMO, &pckmo_functions))
121 			return -ENODEV;
122 	}
123 	/* check for the pckmo subfunction we need now */
124 	if (!cpacf_test_func(&pckmo_functions, fc)) {
125 		DEBUG_ERR("%s pckmo functions not available\n", __func__);
126 		return -ENODEV;
127 	}
128 
129 	/* prepare param block */
130 	memset(paramblock, 0, sizeof(paramblock));
131 	memcpy(paramblock, clrkey->clrkey, keysize);
132 
133 	/* call the pckmo instruction */
134 	cpacf_pckmo(fc, paramblock);
135 
136 	/* copy created protected key */
137 	protkey->type = keytype;
138 	protkey->len = keysize + 32;
139 	memcpy(protkey->protkey, paramblock, keysize + 32);
140 
141 	return 0;
142 }
143 
144 /*
145  * Find card and transform secure key into protected key.
146  */
pkey_skey2pkey(const u8 * key,struct pkey_protkey * pkey)147 static int pkey_skey2pkey(const u8 *key, struct pkey_protkey *pkey)
148 {
149 	int rc, verify;
150 	u16 cardnr, domain;
151 	struct keytoken_header *hdr = (struct keytoken_header *)key;
152 
153 	/*
154 	 * The cca_xxx2protkey call may fail when a card has been
155 	 * addressed where the master key was changed after last fetch
156 	 * of the mkvp into the cache. Try 3 times: First witout verify
157 	 * then with verify and last round with verify and old master
158 	 * key verification pattern match not ignored.
159 	 */
160 	for (verify = 0; verify < 3; verify++) {
161 		rc = cca_findcard(key, &cardnr, &domain, verify);
162 		if (rc < 0)
163 			continue;
164 		if (rc > 0 && verify < 2)
165 			continue;
166 		switch (hdr->version) {
167 		case TOKVER_CCA_AES:
168 			rc = cca_sec2protkey(cardnr, domain,
169 					     key, pkey->protkey,
170 					     &pkey->len, &pkey->type);
171 			break;
172 		case TOKVER_CCA_VLSC:
173 			rc = cca_cipher2protkey(cardnr, domain,
174 						key, pkey->protkey,
175 						&pkey->len, &pkey->type);
176 			break;
177 		default:
178 			return -EINVAL;
179 		}
180 		if (rc == 0)
181 			break;
182 	}
183 
184 	if (rc)
185 		DEBUG_DBG("%s failed rc=%d\n", __func__, rc);
186 
187 	return rc;
188 }
189 
190 /*
191  * Construct EP11 key with given clear key value.
192  */
pkey_clr2ep11key(const u8 * clrkey,size_t clrkeylen,u8 * keybuf,size_t * keybuflen)193 static int pkey_clr2ep11key(const u8 *clrkey, size_t clrkeylen,
194 			    u8 *keybuf, size_t *keybuflen)
195 {
196 	int i, rc;
197 	u16 card, dom;
198 	u32 nr_apqns, *apqns = NULL;
199 
200 	/* build a list of apqns suitable for ep11 keys with cpacf support */
201 	rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
202 			    ZCRYPT_CEX7, EP11_API_V, NULL);
203 	if (rc)
204 		goto out;
205 
206 	/* go through the list of apqns and try to bild an ep11 key */
207 	for (rc = -ENODEV, i = 0; i < nr_apqns; i++) {
208 		card = apqns[i] >> 16;
209 		dom = apqns[i] & 0xFFFF;
210 		rc = ep11_clr2keyblob(card, dom, clrkeylen * 8,
211 				      0, clrkey, keybuf, keybuflen);
212 		if (rc == 0)
213 			break;
214 	}
215 
216 out:
217 	kfree(apqns);
218 	if (rc)
219 		DEBUG_DBG("%s failed rc=%d\n", __func__, rc);
220 	return rc;
221 }
222 
223 /*
224  * Find card and transform EP11 secure key into protected key.
225  */
pkey_ep11key2pkey(const u8 * key,struct pkey_protkey * pkey)226 static int pkey_ep11key2pkey(const u8 *key, struct pkey_protkey *pkey)
227 {
228 	int i, rc;
229 	u16 card, dom;
230 	u32 nr_apqns, *apqns = NULL;
231 	struct ep11keyblob *kb = (struct ep11keyblob *) key;
232 
233 	/* build a list of apqns suitable for this key */
234 	rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
235 			    ZCRYPT_CEX7, EP11_API_V, kb->wkvp);
236 	if (rc)
237 		goto out;
238 
239 	/* go through the list of apqns and try to derive an pkey */
240 	for (rc = -ENODEV, i = 0; i < nr_apqns; i++) {
241 		card = apqns[i] >> 16;
242 		dom = apqns[i] & 0xFFFF;
243 		pkey->len = sizeof(pkey->protkey);
244 		rc = ep11_kblob2protkey(card, dom, key, kb->head.len,
245 					pkey->protkey, &pkey->len, &pkey->type);
246 		if (rc == 0)
247 			break;
248 	}
249 
250 out:
251 	kfree(apqns);
252 	if (rc)
253 		DEBUG_DBG("%s failed rc=%d\n", __func__, rc);
254 	return rc;
255 }
256 
257 /*
258  * Verify key and give back some info about the key.
259  */
pkey_verifykey(const struct pkey_seckey * seckey,u16 * pcardnr,u16 * pdomain,u16 * pkeysize,u32 * pattributes)260 static int pkey_verifykey(const struct pkey_seckey *seckey,
261 			  u16 *pcardnr, u16 *pdomain,
262 			  u16 *pkeysize, u32 *pattributes)
263 {
264 	struct secaeskeytoken *t = (struct secaeskeytoken *) seckey;
265 	u16 cardnr, domain;
266 	int rc;
267 
268 	/* check the secure key for valid AES secure key */
269 	rc = cca_check_secaeskeytoken(debug_info, 3, (u8 *) seckey, 0);
270 	if (rc)
271 		goto out;
272 	if (pattributes)
273 		*pattributes = PKEY_VERIFY_ATTR_AES;
274 	if (pkeysize)
275 		*pkeysize = t->bitsize;
276 
277 	/* try to find a card which can handle this key */
278 	rc = cca_findcard(seckey->seckey, &cardnr, &domain, 1);
279 	if (rc < 0)
280 		goto out;
281 
282 	if (rc > 0) {
283 		/* key mkvp matches to old master key mkvp */
284 		DEBUG_DBG("%s secure key has old mkvp\n", __func__);
285 		if (pattributes)
286 			*pattributes |= PKEY_VERIFY_ATTR_OLD_MKVP;
287 		rc = 0;
288 	}
289 
290 	if (pcardnr)
291 		*pcardnr = cardnr;
292 	if (pdomain)
293 		*pdomain = domain;
294 
295 out:
296 	DEBUG_DBG("%s rc=%d\n", __func__, rc);
297 	return rc;
298 }
299 
300 /*
301  * Generate a random protected key
302  */
pkey_genprotkey(u32 keytype,struct pkey_protkey * protkey)303 static int pkey_genprotkey(u32 keytype, struct pkey_protkey *protkey)
304 {
305 	struct pkey_clrkey clrkey;
306 	int keysize;
307 	int rc;
308 
309 	switch (keytype) {
310 	case PKEY_KEYTYPE_AES_128:
311 		keysize = 16;
312 		break;
313 	case PKEY_KEYTYPE_AES_192:
314 		keysize = 24;
315 		break;
316 	case PKEY_KEYTYPE_AES_256:
317 		keysize = 32;
318 		break;
319 	default:
320 		DEBUG_ERR("%s unknown/unsupported keytype %d\n", __func__,
321 			  keytype);
322 		return -EINVAL;
323 	}
324 
325 	/* generate a dummy random clear key */
326 	get_random_bytes(clrkey.clrkey, keysize);
327 
328 	/* convert it to a dummy protected key */
329 	rc = pkey_clr2protkey(keytype, &clrkey, protkey);
330 	if (rc)
331 		return rc;
332 
333 	/* replace the key part of the protected key with random bytes */
334 	get_random_bytes(protkey->protkey, keysize);
335 
336 	return 0;
337 }
338 
339 /*
340  * Verify if a protected key is still valid
341  */
pkey_verifyprotkey(const struct pkey_protkey * protkey)342 static int pkey_verifyprotkey(const struct pkey_protkey *protkey)
343 {
344 	unsigned long fc;
345 	struct {
346 		u8 iv[AES_BLOCK_SIZE];
347 		u8 key[MAXPROTKEYSIZE];
348 	} param;
349 	u8 null_msg[AES_BLOCK_SIZE];
350 	u8 dest_buf[AES_BLOCK_SIZE];
351 	unsigned int k;
352 
353 	switch (protkey->type) {
354 	case PKEY_KEYTYPE_AES_128:
355 		fc = CPACF_KMC_PAES_128;
356 		break;
357 	case PKEY_KEYTYPE_AES_192:
358 		fc = CPACF_KMC_PAES_192;
359 		break;
360 	case PKEY_KEYTYPE_AES_256:
361 		fc = CPACF_KMC_PAES_256;
362 		break;
363 	default:
364 		DEBUG_ERR("%s unknown/unsupported keytype %d\n", __func__,
365 			  protkey->type);
366 		return -EINVAL;
367 	}
368 
369 	memset(null_msg, 0, sizeof(null_msg));
370 
371 	memset(param.iv, 0, sizeof(param.iv));
372 	memcpy(param.key, protkey->protkey, sizeof(param.key));
373 
374 	k = cpacf_kmc(fc | CPACF_ENCRYPT, &param, null_msg, dest_buf,
375 		      sizeof(null_msg));
376 	if (k != sizeof(null_msg)) {
377 		DEBUG_ERR("%s protected key is not valid\n", __func__);
378 		return -EKEYREJECTED;
379 	}
380 
381 	return 0;
382 }
383 
384 /*
385  * Transform a non-CCA key token into a protected key
386  */
pkey_nonccatok2pkey(const u8 * key,u32 keylen,struct pkey_protkey * protkey)387 static int pkey_nonccatok2pkey(const u8 *key, u32 keylen,
388 			       struct pkey_protkey *protkey)
389 {
390 	int rc = -EINVAL;
391 	u8 *tmpbuf = NULL;
392 	struct keytoken_header *hdr = (struct keytoken_header *)key;
393 
394 	switch (hdr->version) {
395 	case TOKVER_PROTECTED_KEY: {
396 		struct protaeskeytoken *t;
397 
398 		if (keylen != sizeof(struct protaeskeytoken))
399 			goto out;
400 		t = (struct protaeskeytoken *)key;
401 		protkey->len = t->len;
402 		protkey->type = t->keytype;
403 		memcpy(protkey->protkey, t->protkey,
404 		       sizeof(protkey->protkey));
405 		rc = pkey_verifyprotkey(protkey);
406 		break;
407 	}
408 	case TOKVER_CLEAR_KEY: {
409 		struct clearaeskeytoken *t;
410 		struct pkey_clrkey ckey;
411 		union u_tmpbuf {
412 			u8 skey[SECKEYBLOBSIZE];
413 			u8 ep11key[MAXEP11AESKEYBLOBSIZE];
414 		};
415 		size_t tmpbuflen = sizeof(union u_tmpbuf);
416 
417 		if (keylen < sizeof(struct clearaeskeytoken))
418 			goto out;
419 		t = (struct clearaeskeytoken *)key;
420 		if (keylen != sizeof(*t) + t->len)
421 			goto out;
422 		if ((t->keytype == PKEY_KEYTYPE_AES_128 && t->len == 16)
423 		    || (t->keytype == PKEY_KEYTYPE_AES_192 && t->len == 24)
424 		    || (t->keytype == PKEY_KEYTYPE_AES_256 && t->len == 32))
425 			memcpy(ckey.clrkey, t->clearkey, t->len);
426 		else
427 			goto out;
428 		/* alloc temp key buffer space */
429 		tmpbuf = kmalloc(tmpbuflen, GFP_ATOMIC);
430 		if (!tmpbuf) {
431 			rc = -ENOMEM;
432 			goto out;
433 		}
434 		/* try direct way with the PCKMO instruction */
435 		rc = pkey_clr2protkey(t->keytype, &ckey, protkey);
436 		if (rc == 0)
437 			break;
438 		/* PCKMO failed, so try the CCA secure key way */
439 		rc = cca_clr2seckey(0xFFFF, 0xFFFF, t->keytype,
440 				    ckey.clrkey, tmpbuf);
441 		if (rc == 0)
442 			rc = pkey_skey2pkey(tmpbuf, protkey);
443 		if (rc == 0)
444 			break;
445 		/* if the CCA way also failed, let's try via EP11 */
446 		rc = pkey_clr2ep11key(ckey.clrkey, t->len,
447 				      tmpbuf, &tmpbuflen);
448 		if (rc == 0)
449 			rc = pkey_ep11key2pkey(tmpbuf, protkey);
450 		/* now we should really have an protected key */
451 		DEBUG_ERR("%s unable to build protected key from clear",
452 			  __func__);
453 		break;
454 	}
455 	case TOKVER_EP11_AES: {
456 		/* check ep11 key for exportable as protected key */
457 		rc = ep11_check_aes_key(debug_info, 3, key, keylen, 1);
458 		if (rc)
459 			goto out;
460 		rc = pkey_ep11key2pkey(key, protkey);
461 		break;
462 	}
463 	case TOKVER_EP11_AES_WITH_HEADER:
464 		/* check ep11 key with header for exportable as protected key */
465 		rc = ep11_check_aes_key_with_hdr(debug_info, 3, key, keylen, 1);
466 		if (rc)
467 			goto out;
468 		rc = pkey_ep11key2pkey(key + sizeof(struct ep11kblob_header),
469 				       protkey);
470 		break;
471 	default:
472 		DEBUG_ERR("%s unknown/unsupported non-CCA token version %d\n",
473 			  __func__, hdr->version);
474 		rc = -EINVAL;
475 	}
476 
477 out:
478 	kfree(tmpbuf);
479 	return rc;
480 }
481 
482 /*
483  * Transform a CCA internal key token into a protected key
484  */
pkey_ccainttok2pkey(const u8 * key,u32 keylen,struct pkey_protkey * protkey)485 static int pkey_ccainttok2pkey(const u8 *key, u32 keylen,
486 			       struct pkey_protkey *protkey)
487 {
488 	struct keytoken_header *hdr = (struct keytoken_header *)key;
489 
490 	switch (hdr->version) {
491 	case TOKVER_CCA_AES:
492 		if (keylen != sizeof(struct secaeskeytoken))
493 			return -EINVAL;
494 		break;
495 	case TOKVER_CCA_VLSC:
496 		if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE)
497 			return -EINVAL;
498 		break;
499 	default:
500 		DEBUG_ERR("%s unknown/unsupported CCA internal token version %d\n",
501 			  __func__, hdr->version);
502 		return -EINVAL;
503 	}
504 
505 	return pkey_skey2pkey(key, protkey);
506 }
507 
508 /*
509  * Transform a key blob (of any type) into a protected key
510  */
pkey_keyblob2pkey(const u8 * key,u32 keylen,struct pkey_protkey * protkey)511 int pkey_keyblob2pkey(const u8 *key, u32 keylen,
512 		      struct pkey_protkey *protkey)
513 {
514 	int rc;
515 	struct keytoken_header *hdr = (struct keytoken_header *)key;
516 
517 	if (keylen < sizeof(struct keytoken_header)) {
518 		DEBUG_ERR("%s invalid keylen %d\n", __func__, keylen);
519 		return -EINVAL;
520 	}
521 
522 	switch (hdr->type) {
523 	case TOKTYPE_NON_CCA:
524 		rc = pkey_nonccatok2pkey(key, keylen, protkey);
525 		break;
526 	case TOKTYPE_CCA_INTERNAL:
527 		rc = pkey_ccainttok2pkey(key, keylen, protkey);
528 		break;
529 	default:
530 		DEBUG_ERR("%s unknown/unsupported blob type %d\n",
531 			  __func__, hdr->type);
532 		return -EINVAL;
533 	}
534 
535 	DEBUG_DBG("%s rc=%d\n", __func__, rc);
536 	return rc;
537 
538 }
539 EXPORT_SYMBOL(pkey_keyblob2pkey);
540 
pkey_genseckey2(const struct pkey_apqn * apqns,size_t nr_apqns,enum pkey_key_type ktype,enum pkey_key_size ksize,u32 kflags,u8 * keybuf,size_t * keybufsize)541 static int pkey_genseckey2(const struct pkey_apqn *apqns, size_t nr_apqns,
542 			   enum pkey_key_type ktype, enum pkey_key_size ksize,
543 			   u32 kflags, u8 *keybuf, size_t *keybufsize)
544 {
545 	int i, card, dom, rc;
546 
547 	/* check for at least one apqn given */
548 	if (!apqns || !nr_apqns)
549 		return -EINVAL;
550 
551 	/* check key type and size */
552 	switch (ktype) {
553 	case PKEY_TYPE_CCA_DATA:
554 	case PKEY_TYPE_CCA_CIPHER:
555 		if (*keybufsize < SECKEYBLOBSIZE)
556 			return -EINVAL;
557 		break;
558 	case PKEY_TYPE_EP11:
559 		if (*keybufsize < MINEP11AESKEYBLOBSIZE)
560 			return -EINVAL;
561 		break;
562 	default:
563 		return -EINVAL;
564 	}
565 	switch (ksize) {
566 	case PKEY_SIZE_AES_128:
567 	case PKEY_SIZE_AES_192:
568 	case PKEY_SIZE_AES_256:
569 		break;
570 	default:
571 		return -EINVAL;
572 	}
573 
574 	/* simple try all apqns from the list */
575 	for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
576 		card = apqns[i].card;
577 		dom = apqns[i].domain;
578 		if (ktype == PKEY_TYPE_EP11) {
579 			rc = ep11_genaeskey(card, dom, ksize, kflags,
580 					    keybuf, keybufsize);
581 		} else if (ktype == PKEY_TYPE_CCA_DATA) {
582 			rc = cca_genseckey(card, dom, ksize, keybuf);
583 			*keybufsize = (rc ? 0 : SECKEYBLOBSIZE);
584 		} else /* TOKVER_CCA_VLSC */
585 			rc = cca_gencipherkey(card, dom, ksize, kflags,
586 					      keybuf, keybufsize);
587 		if (rc == 0)
588 			break;
589 	}
590 
591 	return rc;
592 }
593 
pkey_clr2seckey2(const struct pkey_apqn * apqns,size_t nr_apqns,enum pkey_key_type ktype,enum pkey_key_size ksize,u32 kflags,const u8 * clrkey,u8 * keybuf,size_t * keybufsize)594 static int pkey_clr2seckey2(const struct pkey_apqn *apqns, size_t nr_apqns,
595 			    enum pkey_key_type ktype, enum pkey_key_size ksize,
596 			    u32 kflags, const u8 *clrkey,
597 			    u8 *keybuf, size_t *keybufsize)
598 {
599 	int i, card, dom, rc;
600 
601 	/* check for at least one apqn given */
602 	if (!apqns || !nr_apqns)
603 		return -EINVAL;
604 
605 	/* check key type and size */
606 	switch (ktype) {
607 	case PKEY_TYPE_CCA_DATA:
608 	case PKEY_TYPE_CCA_CIPHER:
609 		if (*keybufsize < SECKEYBLOBSIZE)
610 			return -EINVAL;
611 		break;
612 	case PKEY_TYPE_EP11:
613 		if (*keybufsize < MINEP11AESKEYBLOBSIZE)
614 			return -EINVAL;
615 		break;
616 	default:
617 		return -EINVAL;
618 	}
619 	switch (ksize) {
620 	case PKEY_SIZE_AES_128:
621 	case PKEY_SIZE_AES_192:
622 	case PKEY_SIZE_AES_256:
623 		break;
624 	default:
625 		return -EINVAL;
626 	}
627 
628 	/* simple try all apqns from the list */
629 	for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
630 		card = apqns[i].card;
631 		dom = apqns[i].domain;
632 		if (ktype == PKEY_TYPE_EP11) {
633 			rc = ep11_clr2keyblob(card, dom, ksize, kflags,
634 					      clrkey, keybuf, keybufsize);
635 		} else if (ktype == PKEY_TYPE_CCA_DATA) {
636 			rc = cca_clr2seckey(card, dom, ksize,
637 					    clrkey, keybuf);
638 			*keybufsize = (rc ? 0 : SECKEYBLOBSIZE);
639 		} else /* TOKVER_CCA_VLSC */
640 			rc = cca_clr2cipherkey(card, dom, ksize, kflags,
641 					       clrkey, keybuf, keybufsize);
642 		if (rc == 0)
643 			break;
644 	}
645 
646 	return rc;
647 }
648 
pkey_verifykey2(const u8 * key,size_t keylen,u16 * cardnr,u16 * domain,enum pkey_key_type * ktype,enum pkey_key_size * ksize,u32 * flags)649 static int pkey_verifykey2(const u8 *key, size_t keylen,
650 			   u16 *cardnr, u16 *domain,
651 			   enum pkey_key_type *ktype,
652 			   enum pkey_key_size *ksize, u32 *flags)
653 {
654 	int rc;
655 	u32 _nr_apqns, *_apqns = NULL;
656 	struct keytoken_header *hdr = (struct keytoken_header *)key;
657 
658 	if (keylen < sizeof(struct keytoken_header))
659 		return -EINVAL;
660 
661 	if (hdr->type == TOKTYPE_CCA_INTERNAL
662 	    && hdr->version == TOKVER_CCA_AES) {
663 		struct secaeskeytoken *t = (struct secaeskeytoken *)key;
664 
665 		rc = cca_check_secaeskeytoken(debug_info, 3, key, 0);
666 		if (rc)
667 			goto out;
668 		if (ktype)
669 			*ktype = PKEY_TYPE_CCA_DATA;
670 		if (ksize)
671 			*ksize = (enum pkey_key_size) t->bitsize;
672 
673 		rc = cca_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain,
674 				   ZCRYPT_CEX3C, AES_MK_SET, t->mkvp, 0, 1);
675 		if (rc == 0 && flags)
676 			*flags = PKEY_FLAGS_MATCH_CUR_MKVP;
677 		if (rc == -ENODEV) {
678 			rc = cca_findcard2(&_apqns, &_nr_apqns,
679 					   *cardnr, *domain,
680 					   ZCRYPT_CEX3C, AES_MK_SET,
681 					   0, t->mkvp, 1);
682 			if (rc == 0 && flags)
683 				*flags = PKEY_FLAGS_MATCH_ALT_MKVP;
684 		}
685 		if (rc)
686 			goto out;
687 
688 		*cardnr = ((struct pkey_apqn *)_apqns)->card;
689 		*domain = ((struct pkey_apqn *)_apqns)->domain;
690 
691 	} else if (hdr->type == TOKTYPE_CCA_INTERNAL
692 		   && hdr->version == TOKVER_CCA_VLSC) {
693 		struct cipherkeytoken *t = (struct cipherkeytoken *)key;
694 
695 		rc = cca_check_secaescipherkey(debug_info, 3, key, 0, 1);
696 		if (rc)
697 			goto out;
698 		if (ktype)
699 			*ktype = PKEY_TYPE_CCA_CIPHER;
700 		if (ksize) {
701 			*ksize = PKEY_SIZE_UNKNOWN;
702 			if (!t->plfver && t->wpllen == 512)
703 				*ksize = PKEY_SIZE_AES_128;
704 			else if (!t->plfver && t->wpllen == 576)
705 				*ksize = PKEY_SIZE_AES_192;
706 			else if (!t->plfver && t->wpllen == 640)
707 				*ksize = PKEY_SIZE_AES_256;
708 		}
709 
710 		rc = cca_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain,
711 				   ZCRYPT_CEX6, AES_MK_SET, t->mkvp0, 0, 1);
712 		if (rc == 0 && flags)
713 			*flags = PKEY_FLAGS_MATCH_CUR_MKVP;
714 		if (rc == -ENODEV) {
715 			rc = cca_findcard2(&_apqns, &_nr_apqns,
716 					   *cardnr, *domain,
717 					   ZCRYPT_CEX6, AES_MK_SET,
718 					   0, t->mkvp0, 1);
719 			if (rc == 0 && flags)
720 				*flags = PKEY_FLAGS_MATCH_ALT_MKVP;
721 		}
722 		if (rc)
723 			goto out;
724 
725 		*cardnr = ((struct pkey_apqn *)_apqns)->card;
726 		*domain = ((struct pkey_apqn *)_apqns)->domain;
727 
728 	} else if (hdr->type == TOKTYPE_NON_CCA
729 		   && hdr->version == TOKVER_EP11_AES) {
730 		struct ep11keyblob *kb = (struct ep11keyblob *)key;
731 
732 		rc = ep11_check_aes_key(debug_info, 3, key, keylen, 1);
733 		if (rc)
734 			goto out;
735 		if (ktype)
736 			*ktype = PKEY_TYPE_EP11;
737 		if (ksize)
738 			*ksize = kb->head.bitlen;
739 
740 		rc = ep11_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain,
741 				    ZCRYPT_CEX7, EP11_API_V, kb->wkvp);
742 		if (rc)
743 			goto out;
744 
745 		if (flags)
746 			*flags = PKEY_FLAGS_MATCH_CUR_MKVP;
747 
748 		*cardnr = ((struct pkey_apqn *)_apqns)->card;
749 		*domain = ((struct pkey_apqn *)_apqns)->domain;
750 
751 	} else
752 		rc = -EINVAL;
753 
754 out:
755 	kfree(_apqns);
756 	return rc;
757 }
758 
pkey_keyblob2pkey2(const struct pkey_apqn * apqns,size_t nr_apqns,const u8 * key,size_t keylen,struct pkey_protkey * pkey)759 static int pkey_keyblob2pkey2(const struct pkey_apqn *apqns, size_t nr_apqns,
760 			      const u8 *key, size_t keylen,
761 			      struct pkey_protkey *pkey)
762 {
763 	int i, card, dom, rc;
764 	struct keytoken_header *hdr = (struct keytoken_header *)key;
765 
766 	/* check for at least one apqn given */
767 	if (!apqns || !nr_apqns)
768 		return -EINVAL;
769 
770 	if (keylen < sizeof(struct keytoken_header))
771 		return -EINVAL;
772 
773 	if (hdr->type == TOKTYPE_CCA_INTERNAL) {
774 		if (hdr->version == TOKVER_CCA_AES) {
775 			if (keylen != sizeof(struct secaeskeytoken))
776 				return -EINVAL;
777 			if (cca_check_secaeskeytoken(debug_info, 3, key, 0))
778 				return -EINVAL;
779 		} else if (hdr->version == TOKVER_CCA_VLSC) {
780 			if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE)
781 				return -EINVAL;
782 			if (cca_check_secaescipherkey(debug_info, 3, key, 0, 1))
783 				return -EINVAL;
784 		} else {
785 			DEBUG_ERR("%s unknown CCA internal token version %d\n",
786 				  __func__, hdr->version);
787 			return -EINVAL;
788 		}
789 	} else if (hdr->type == TOKTYPE_NON_CCA) {
790 		if (hdr->version == TOKVER_EP11_AES) {
791 			if (keylen < sizeof(struct ep11keyblob))
792 				return -EINVAL;
793 			if (ep11_check_aes_key(debug_info, 3, key, keylen, 1))
794 				return -EINVAL;
795 		} else {
796 			return pkey_nonccatok2pkey(key, keylen, pkey);
797 		}
798 	} else {
799 		DEBUG_ERR("%s unknown/unsupported blob type %d\n",
800 			  __func__, hdr->type);
801 		return -EINVAL;
802 	}
803 
804 	/* simple try all apqns from the list */
805 	for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
806 		card = apqns[i].card;
807 		dom = apqns[i].domain;
808 		if (hdr->type == TOKTYPE_CCA_INTERNAL
809 		    && hdr->version == TOKVER_CCA_AES)
810 			rc = cca_sec2protkey(card, dom, key, pkey->protkey,
811 					     &pkey->len, &pkey->type);
812 		else if (hdr->type == TOKTYPE_CCA_INTERNAL
813 			 && hdr->version == TOKVER_CCA_VLSC)
814 			rc = cca_cipher2protkey(card, dom, key, pkey->protkey,
815 						&pkey->len, &pkey->type);
816 		else { /* EP11 AES secure key blob */
817 			struct ep11keyblob *kb = (struct ep11keyblob *) key;
818 
819 			pkey->len = sizeof(pkey->protkey);
820 			rc = ep11_kblob2protkey(card, dom, key, kb->head.len,
821 						pkey->protkey, &pkey->len,
822 						&pkey->type);
823 		}
824 		if (rc == 0)
825 			break;
826 	}
827 
828 	return rc;
829 }
830 
pkey_apqns4key(const u8 * key,size_t keylen,u32 flags,struct pkey_apqn * apqns,size_t * nr_apqns)831 static int pkey_apqns4key(const u8 *key, size_t keylen, u32 flags,
832 			  struct pkey_apqn *apqns, size_t *nr_apqns)
833 {
834 	int rc;
835 	u32 _nr_apqns, *_apqns = NULL;
836 	struct keytoken_header *hdr = (struct keytoken_header *)key;
837 
838 	if (keylen < sizeof(struct keytoken_header) || flags == 0)
839 		return -EINVAL;
840 
841 	if (hdr->type == TOKTYPE_NON_CCA
842 	    && (hdr->version == TOKVER_EP11_AES_WITH_HEADER
843 		|| hdr->version == TOKVER_EP11_ECC_WITH_HEADER)
844 	    && is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) {
845 		int minhwtype = 0, api = 0;
846 		struct ep11keyblob *kb = (struct ep11keyblob *)
847 			(key + sizeof(struct ep11kblob_header));
848 
849 		if (flags != PKEY_FLAGS_MATCH_CUR_MKVP)
850 			return -EINVAL;
851 		if (kb->attr & EP11_BLOB_PKEY_EXTRACTABLE) {
852 			minhwtype = ZCRYPT_CEX7;
853 			api = EP11_API_V;
854 		}
855 		rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
856 				    minhwtype, api, kb->wkvp);
857 		if (rc)
858 			goto out;
859 	} else if (hdr->type == TOKTYPE_NON_CCA
860 		   && hdr->version == TOKVER_EP11_AES
861 		   && is_ep11_keyblob(key)) {
862 		int minhwtype = 0, api = 0;
863 		struct ep11keyblob *kb = (struct ep11keyblob *) key;
864 
865 		if (flags != PKEY_FLAGS_MATCH_CUR_MKVP)
866 			return -EINVAL;
867 		if (kb->attr & EP11_BLOB_PKEY_EXTRACTABLE) {
868 			minhwtype = ZCRYPT_CEX7;
869 			api = EP11_API_V;
870 		}
871 		rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
872 				    minhwtype, api, kb->wkvp);
873 		if (rc)
874 			goto out;
875 	} else if (hdr->type == TOKTYPE_CCA_INTERNAL) {
876 		int minhwtype = ZCRYPT_CEX3C;
877 		u64 cur_mkvp = 0, old_mkvp = 0;
878 
879 		if (hdr->version == TOKVER_CCA_AES) {
880 			struct secaeskeytoken *t = (struct secaeskeytoken *)key;
881 
882 			if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
883 				cur_mkvp = t->mkvp;
884 			if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
885 				old_mkvp = t->mkvp;
886 		} else if (hdr->version == TOKVER_CCA_VLSC) {
887 			struct cipherkeytoken *t = (struct cipherkeytoken *)key;
888 
889 			minhwtype = ZCRYPT_CEX6;
890 			if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
891 				cur_mkvp = t->mkvp0;
892 			if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
893 				old_mkvp = t->mkvp0;
894 		} else {
895 			/* unknown cca internal token type */
896 			return -EINVAL;
897 		}
898 		rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
899 				   minhwtype, AES_MK_SET,
900 				   cur_mkvp, old_mkvp, 1);
901 		if (rc)
902 			goto out;
903 	} else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA) {
904 		u64 cur_mkvp = 0, old_mkvp = 0;
905 		struct eccprivkeytoken *t = (struct eccprivkeytoken *)key;
906 
907 		if (t->secid == 0x20) {
908 			if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
909 				cur_mkvp = t->mkvp;
910 			if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
911 				old_mkvp = t->mkvp;
912 		} else {
913 			/* unknown cca internal 2 token type */
914 			return -EINVAL;
915 		}
916 		rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
917 				   ZCRYPT_CEX7, APKA_MK_SET,
918 				   cur_mkvp, old_mkvp, 1);
919 		if (rc)
920 			goto out;
921 	} else
922 		return -EINVAL;
923 
924 	if (apqns) {
925 		if (*nr_apqns < _nr_apqns)
926 			rc = -ENOSPC;
927 		else
928 			memcpy(apqns, _apqns, _nr_apqns * sizeof(u32));
929 	}
930 	*nr_apqns = _nr_apqns;
931 
932 out:
933 	kfree(_apqns);
934 	return rc;
935 }
936 
pkey_apqns4keytype(enum pkey_key_type ktype,u8 cur_mkvp[32],u8 alt_mkvp[32],u32 flags,struct pkey_apqn * apqns,size_t * nr_apqns)937 static int pkey_apqns4keytype(enum pkey_key_type ktype,
938 			      u8 cur_mkvp[32], u8 alt_mkvp[32], u32 flags,
939 			      struct pkey_apqn *apqns, size_t *nr_apqns)
940 {
941 	int rc;
942 	u32 _nr_apqns, *_apqns = NULL;
943 
944 	if (ktype == PKEY_TYPE_CCA_DATA || ktype == PKEY_TYPE_CCA_CIPHER) {
945 		u64 cur_mkvp = 0, old_mkvp = 0;
946 		int minhwtype = ZCRYPT_CEX3C;
947 
948 		if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
949 			cur_mkvp = *((u64 *) cur_mkvp);
950 		if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
951 			old_mkvp = *((u64 *) alt_mkvp);
952 		if (ktype == PKEY_TYPE_CCA_CIPHER)
953 			minhwtype = ZCRYPT_CEX6;
954 		rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
955 				   minhwtype, AES_MK_SET,
956 				   cur_mkvp, old_mkvp, 1);
957 		if (rc)
958 			goto out;
959 	} else if (ktype == PKEY_TYPE_CCA_ECC) {
960 		u64 cur_mkvp = 0, old_mkvp = 0;
961 
962 		if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
963 			cur_mkvp = *((u64 *) cur_mkvp);
964 		if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
965 			old_mkvp = *((u64 *) alt_mkvp);
966 		rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
967 				   ZCRYPT_CEX7, APKA_MK_SET,
968 				   cur_mkvp, old_mkvp, 1);
969 		if (rc)
970 			goto out;
971 
972 	} else if (ktype == PKEY_TYPE_EP11 ||
973 		   ktype == PKEY_TYPE_EP11_AES ||
974 		   ktype == PKEY_TYPE_EP11_ECC) {
975 		u8 *wkvp = NULL;
976 
977 		if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
978 			wkvp = cur_mkvp;
979 		rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
980 				    ZCRYPT_CEX7, EP11_API_V, wkvp);
981 		if (rc)
982 			goto out;
983 
984 	} else
985 		return -EINVAL;
986 
987 	if (apqns) {
988 		if (*nr_apqns < _nr_apqns)
989 			rc = -ENOSPC;
990 		else
991 			memcpy(apqns, _apqns, _nr_apqns * sizeof(u32));
992 	}
993 	*nr_apqns = _nr_apqns;
994 
995 out:
996 	kfree(_apqns);
997 	return rc;
998 }
999 
pkey_keyblob2pkey3(const struct pkey_apqn * apqns,size_t nr_apqns,const u8 * key,size_t keylen,u32 * protkeytype,u8 * protkey,u32 * protkeylen)1000 static int pkey_keyblob2pkey3(const struct pkey_apqn *apqns, size_t nr_apqns,
1001 			      const u8 *key, size_t keylen, u32 *protkeytype,
1002 			      u8 *protkey, u32 *protkeylen)
1003 {
1004 	int i, card, dom, rc;
1005 	struct keytoken_header *hdr = (struct keytoken_header *)key;
1006 
1007 	/* check for at least one apqn given */
1008 	if (!apqns || !nr_apqns)
1009 		return -EINVAL;
1010 
1011 	if (keylen < sizeof(struct keytoken_header))
1012 		return -EINVAL;
1013 
1014 	if (hdr->type == TOKTYPE_NON_CCA
1015 	    && hdr->version == TOKVER_EP11_AES_WITH_HEADER
1016 	    && is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) {
1017 		/* EP11 AES key blob with header */
1018 		if (ep11_check_aes_key_with_hdr(debug_info, 3, key, keylen, 1))
1019 			return -EINVAL;
1020 	} else if (hdr->type == TOKTYPE_NON_CCA
1021 		   && hdr->version == TOKVER_EP11_ECC_WITH_HEADER
1022 		   && is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) {
1023 		/* EP11 ECC key blob with header */
1024 		if (ep11_check_ecc_key_with_hdr(debug_info, 3, key, keylen, 1))
1025 			return -EINVAL;
1026 	} else if (hdr->type == TOKTYPE_NON_CCA
1027 		   && hdr->version == TOKVER_EP11_AES
1028 		   && is_ep11_keyblob(key)) {
1029 		/* EP11 AES key blob with header in session field */
1030 		if (ep11_check_aes_key(debug_info, 3, key, keylen, 1))
1031 			return -EINVAL;
1032 	} else	if (hdr->type == TOKTYPE_CCA_INTERNAL) {
1033 		if (hdr->version == TOKVER_CCA_AES) {
1034 			/* CCA AES data key */
1035 			if (keylen != sizeof(struct secaeskeytoken))
1036 				return -EINVAL;
1037 			if (cca_check_secaeskeytoken(debug_info, 3, key, 0))
1038 				return -EINVAL;
1039 		} else if (hdr->version == TOKVER_CCA_VLSC) {
1040 			/* CCA AES cipher key */
1041 			if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE)
1042 				return -EINVAL;
1043 			if (cca_check_secaescipherkey(debug_info, 3, key, 0, 1))
1044 				return -EINVAL;
1045 		} else {
1046 			DEBUG_ERR("%s unknown CCA internal token version %d\n",
1047 				  __func__, hdr->version);
1048 			return -EINVAL;
1049 		}
1050 	} else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA) {
1051 		/* CCA ECC (private) key */
1052 		if (keylen < sizeof(struct eccprivkeytoken))
1053 			return -EINVAL;
1054 		if (cca_check_sececckeytoken(debug_info, 3, key, keylen, 1))
1055 			return -EINVAL;
1056 	} else if (hdr->type == TOKTYPE_NON_CCA) {
1057 		struct pkey_protkey pkey;
1058 
1059 		rc = pkey_nonccatok2pkey(key, keylen, &pkey);
1060 		if (rc)
1061 			return rc;
1062 		memcpy(protkey, pkey.protkey, pkey.len);
1063 		*protkeylen = pkey.len;
1064 		*protkeytype = pkey.type;
1065 		return 0;
1066 	} else {
1067 		DEBUG_ERR("%s unknown/unsupported blob type %d\n",
1068 			  __func__, hdr->type);
1069 		return -EINVAL;
1070 	}
1071 
1072 	/* simple try all apqns from the list */
1073 	for (rc = -ENODEV, i = 0; rc && i < nr_apqns; i++) {
1074 		card = apqns[i].card;
1075 		dom = apqns[i].domain;
1076 		if (hdr->type == TOKTYPE_NON_CCA
1077 		    && (hdr->version == TOKVER_EP11_AES_WITH_HEADER
1078 			|| hdr->version == TOKVER_EP11_ECC_WITH_HEADER)
1079 		    && is_ep11_keyblob(key + sizeof(struct ep11kblob_header)))
1080 			rc = ep11_kblob2protkey(card, dom, key, hdr->len,
1081 						protkey, protkeylen, protkeytype);
1082 		else if (hdr->type == TOKTYPE_NON_CCA
1083 			 && hdr->version == TOKVER_EP11_AES
1084 			 && is_ep11_keyblob(key))
1085 			rc = ep11_kblob2protkey(card, dom, key, hdr->len,
1086 						protkey, protkeylen, protkeytype);
1087 		else if (hdr->type == TOKTYPE_CCA_INTERNAL &&
1088 			 hdr->version == TOKVER_CCA_AES)
1089 			rc = cca_sec2protkey(card, dom, key, protkey,
1090 					     protkeylen, protkeytype);
1091 		else if (hdr->type == TOKTYPE_CCA_INTERNAL &&
1092 			 hdr->version == TOKVER_CCA_VLSC)
1093 			rc = cca_cipher2protkey(card, dom, key, protkey,
1094 						protkeylen, protkeytype);
1095 		else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA)
1096 			rc = cca_ecc2protkey(card, dom, key, protkey,
1097 					     protkeylen, protkeytype);
1098 		else
1099 			return -EINVAL;
1100 	}
1101 
1102 	return rc;
1103 }
1104 
1105 /*
1106  * File io functions
1107  */
1108 
_copy_key_from_user(void __user * ukey,size_t keylen)1109 static void *_copy_key_from_user(void __user *ukey, size_t keylen)
1110 {
1111 	if (!ukey || keylen < MINKEYBLOBSIZE || keylen > KEYBLOBBUFSIZE)
1112 		return ERR_PTR(-EINVAL);
1113 
1114 	return memdup_user(ukey, keylen);
1115 }
1116 
_copy_apqns_from_user(void __user * uapqns,size_t nr_apqns)1117 static void *_copy_apqns_from_user(void __user *uapqns, size_t nr_apqns)
1118 {
1119 	if (!uapqns || nr_apqns == 0)
1120 		return NULL;
1121 
1122 	return memdup_user(uapqns, nr_apqns * sizeof(struct pkey_apqn));
1123 }
1124 
pkey_unlocked_ioctl(struct file * filp,unsigned int cmd,unsigned long arg)1125 static long pkey_unlocked_ioctl(struct file *filp, unsigned int cmd,
1126 				unsigned long arg)
1127 {
1128 	int rc;
1129 
1130 	switch (cmd) {
1131 	case PKEY_GENSECK: {
1132 		struct pkey_genseck __user *ugs = (void __user *) arg;
1133 		struct pkey_genseck kgs;
1134 
1135 		if (copy_from_user(&kgs, ugs, sizeof(kgs)))
1136 			return -EFAULT;
1137 		rc = cca_genseckey(kgs.cardnr, kgs.domain,
1138 				   kgs.keytype, kgs.seckey.seckey);
1139 		DEBUG_DBG("%s cca_genseckey()=%d\n", __func__, rc);
1140 		if (rc)
1141 			break;
1142 		if (copy_to_user(ugs, &kgs, sizeof(kgs)))
1143 			return -EFAULT;
1144 		break;
1145 	}
1146 	case PKEY_CLR2SECK: {
1147 		struct pkey_clr2seck __user *ucs = (void __user *) arg;
1148 		struct pkey_clr2seck kcs;
1149 
1150 		if (copy_from_user(&kcs, ucs, sizeof(kcs)))
1151 			return -EFAULT;
1152 		rc = cca_clr2seckey(kcs.cardnr, kcs.domain, kcs.keytype,
1153 				    kcs.clrkey.clrkey, kcs.seckey.seckey);
1154 		DEBUG_DBG("%s cca_clr2seckey()=%d\n", __func__, rc);
1155 		if (rc)
1156 			break;
1157 		if (copy_to_user(ucs, &kcs, sizeof(kcs)))
1158 			return -EFAULT;
1159 		memzero_explicit(&kcs, sizeof(kcs));
1160 		break;
1161 	}
1162 	case PKEY_SEC2PROTK: {
1163 		struct pkey_sec2protk __user *usp = (void __user *) arg;
1164 		struct pkey_sec2protk ksp;
1165 
1166 		if (copy_from_user(&ksp, usp, sizeof(ksp)))
1167 			return -EFAULT;
1168 		rc = cca_sec2protkey(ksp.cardnr, ksp.domain,
1169 				     ksp.seckey.seckey, ksp.protkey.protkey,
1170 				     &ksp.protkey.len, &ksp.protkey.type);
1171 		DEBUG_DBG("%s cca_sec2protkey()=%d\n", __func__, rc);
1172 		if (rc)
1173 			break;
1174 		if (copy_to_user(usp, &ksp, sizeof(ksp)))
1175 			return -EFAULT;
1176 		break;
1177 	}
1178 	case PKEY_CLR2PROTK: {
1179 		struct pkey_clr2protk __user *ucp = (void __user *) arg;
1180 		struct pkey_clr2protk kcp;
1181 
1182 		if (copy_from_user(&kcp, ucp, sizeof(kcp)))
1183 			return -EFAULT;
1184 		rc = pkey_clr2protkey(kcp.keytype,
1185 				      &kcp.clrkey, &kcp.protkey);
1186 		DEBUG_DBG("%s pkey_clr2protkey()=%d\n", __func__, rc);
1187 		if (rc)
1188 			break;
1189 		if (copy_to_user(ucp, &kcp, sizeof(kcp)))
1190 			return -EFAULT;
1191 		memzero_explicit(&kcp, sizeof(kcp));
1192 		break;
1193 	}
1194 	case PKEY_FINDCARD: {
1195 		struct pkey_findcard __user *ufc = (void __user *) arg;
1196 		struct pkey_findcard kfc;
1197 
1198 		if (copy_from_user(&kfc, ufc, sizeof(kfc)))
1199 			return -EFAULT;
1200 		rc = cca_findcard(kfc.seckey.seckey,
1201 				  &kfc.cardnr, &kfc.domain, 1);
1202 		DEBUG_DBG("%s cca_findcard()=%d\n", __func__, rc);
1203 		if (rc < 0)
1204 			break;
1205 		if (copy_to_user(ufc, &kfc, sizeof(kfc)))
1206 			return -EFAULT;
1207 		break;
1208 	}
1209 	case PKEY_SKEY2PKEY: {
1210 		struct pkey_skey2pkey __user *usp = (void __user *) arg;
1211 		struct pkey_skey2pkey ksp;
1212 
1213 		if (copy_from_user(&ksp, usp, sizeof(ksp)))
1214 			return -EFAULT;
1215 		rc = pkey_skey2pkey(ksp.seckey.seckey, &ksp.protkey);
1216 		DEBUG_DBG("%s pkey_skey2pkey()=%d\n", __func__, rc);
1217 		if (rc)
1218 			break;
1219 		if (copy_to_user(usp, &ksp, sizeof(ksp)))
1220 			return -EFAULT;
1221 		break;
1222 	}
1223 	case PKEY_VERIFYKEY: {
1224 		struct pkey_verifykey __user *uvk = (void __user *) arg;
1225 		struct pkey_verifykey kvk;
1226 
1227 		if (copy_from_user(&kvk, uvk, sizeof(kvk)))
1228 			return -EFAULT;
1229 		rc = pkey_verifykey(&kvk.seckey, &kvk.cardnr, &kvk.domain,
1230 				    &kvk.keysize, &kvk.attributes);
1231 		DEBUG_DBG("%s pkey_verifykey()=%d\n", __func__, rc);
1232 		if (rc)
1233 			break;
1234 		if (copy_to_user(uvk, &kvk, sizeof(kvk)))
1235 			return -EFAULT;
1236 		break;
1237 	}
1238 	case PKEY_GENPROTK: {
1239 		struct pkey_genprotk __user *ugp = (void __user *) arg;
1240 		struct pkey_genprotk kgp;
1241 
1242 		if (copy_from_user(&kgp, ugp, sizeof(kgp)))
1243 			return -EFAULT;
1244 		rc = pkey_genprotkey(kgp.keytype, &kgp.protkey);
1245 		DEBUG_DBG("%s pkey_genprotkey()=%d\n", __func__, rc);
1246 		if (rc)
1247 			break;
1248 		if (copy_to_user(ugp, &kgp, sizeof(kgp)))
1249 			return -EFAULT;
1250 		break;
1251 	}
1252 	case PKEY_VERIFYPROTK: {
1253 		struct pkey_verifyprotk __user *uvp = (void __user *) arg;
1254 		struct pkey_verifyprotk kvp;
1255 
1256 		if (copy_from_user(&kvp, uvp, sizeof(kvp)))
1257 			return -EFAULT;
1258 		rc = pkey_verifyprotkey(&kvp.protkey);
1259 		DEBUG_DBG("%s pkey_verifyprotkey()=%d\n", __func__, rc);
1260 		break;
1261 	}
1262 	case PKEY_KBLOB2PROTK: {
1263 		struct pkey_kblob2pkey __user *utp = (void __user *) arg;
1264 		struct pkey_kblob2pkey ktp;
1265 		u8 *kkey;
1266 
1267 		if (copy_from_user(&ktp, utp, sizeof(ktp)))
1268 			return -EFAULT;
1269 		kkey = _copy_key_from_user(ktp.key, ktp.keylen);
1270 		if (IS_ERR(kkey))
1271 			return PTR_ERR(kkey);
1272 		rc = pkey_keyblob2pkey(kkey, ktp.keylen, &ktp.protkey);
1273 		DEBUG_DBG("%s pkey_keyblob2pkey()=%d\n", __func__, rc);
1274 		memzero_explicit(kkey, ktp.keylen);
1275 		kfree(kkey);
1276 		if (rc)
1277 			break;
1278 		if (copy_to_user(utp, &ktp, sizeof(ktp)))
1279 			return -EFAULT;
1280 		break;
1281 	}
1282 	case PKEY_GENSECK2: {
1283 		struct pkey_genseck2 __user *ugs = (void __user *) arg;
1284 		struct pkey_genseck2 kgs;
1285 		struct pkey_apqn *apqns;
1286 		size_t klen = KEYBLOBBUFSIZE;
1287 		u8 *kkey;
1288 
1289 		if (copy_from_user(&kgs, ugs, sizeof(kgs)))
1290 			return -EFAULT;
1291 		apqns = _copy_apqns_from_user(kgs.apqns, kgs.apqn_entries);
1292 		if (IS_ERR(apqns))
1293 			return PTR_ERR(apqns);
1294 		kkey = kmalloc(klen, GFP_KERNEL);
1295 		if (!kkey) {
1296 			kfree(apqns);
1297 			return -ENOMEM;
1298 		}
1299 		rc = pkey_genseckey2(apqns, kgs.apqn_entries,
1300 				     kgs.type, kgs.size, kgs.keygenflags,
1301 				     kkey, &klen);
1302 		DEBUG_DBG("%s pkey_genseckey2()=%d\n", __func__, rc);
1303 		kfree(apqns);
1304 		if (rc) {
1305 			kfree(kkey);
1306 			break;
1307 		}
1308 		if (kgs.key) {
1309 			if (kgs.keylen < klen) {
1310 				kfree(kkey);
1311 				return -EINVAL;
1312 			}
1313 			if (copy_to_user(kgs.key, kkey, klen)) {
1314 				kfree(kkey);
1315 				return -EFAULT;
1316 			}
1317 		}
1318 		kgs.keylen = klen;
1319 		if (copy_to_user(ugs, &kgs, sizeof(kgs)))
1320 			rc = -EFAULT;
1321 		kfree(kkey);
1322 		break;
1323 	}
1324 	case PKEY_CLR2SECK2: {
1325 		struct pkey_clr2seck2 __user *ucs = (void __user *) arg;
1326 		struct pkey_clr2seck2 kcs;
1327 		struct pkey_apqn *apqns;
1328 		size_t klen = KEYBLOBBUFSIZE;
1329 		u8 *kkey;
1330 
1331 		if (copy_from_user(&kcs, ucs, sizeof(kcs)))
1332 			return -EFAULT;
1333 		apqns = _copy_apqns_from_user(kcs.apqns, kcs.apqn_entries);
1334 		if (IS_ERR(apqns))
1335 			return PTR_ERR(apqns);
1336 		kkey = kmalloc(klen, GFP_KERNEL);
1337 		if (!kkey) {
1338 			kfree(apqns);
1339 			return -ENOMEM;
1340 		}
1341 		rc = pkey_clr2seckey2(apqns, kcs.apqn_entries,
1342 				      kcs.type, kcs.size, kcs.keygenflags,
1343 				      kcs.clrkey.clrkey, kkey, &klen);
1344 		DEBUG_DBG("%s pkey_clr2seckey2()=%d\n", __func__, rc);
1345 		kfree(apqns);
1346 		if (rc) {
1347 			kfree(kkey);
1348 			break;
1349 		}
1350 		if (kcs.key) {
1351 			if (kcs.keylen < klen) {
1352 				kfree(kkey);
1353 				return -EINVAL;
1354 			}
1355 			if (copy_to_user(kcs.key, kkey, klen)) {
1356 				kfree(kkey);
1357 				return -EFAULT;
1358 			}
1359 		}
1360 		kcs.keylen = klen;
1361 		if (copy_to_user(ucs, &kcs, sizeof(kcs)))
1362 			rc = -EFAULT;
1363 		memzero_explicit(&kcs, sizeof(kcs));
1364 		kfree(kkey);
1365 		break;
1366 	}
1367 	case PKEY_VERIFYKEY2: {
1368 		struct pkey_verifykey2 __user *uvk = (void __user *) arg;
1369 		struct pkey_verifykey2 kvk;
1370 		u8 *kkey;
1371 
1372 		if (copy_from_user(&kvk, uvk, sizeof(kvk)))
1373 			return -EFAULT;
1374 		kkey = _copy_key_from_user(kvk.key, kvk.keylen);
1375 		if (IS_ERR(kkey))
1376 			return PTR_ERR(kkey);
1377 		rc = pkey_verifykey2(kkey, kvk.keylen,
1378 				     &kvk.cardnr, &kvk.domain,
1379 				     &kvk.type, &kvk.size, &kvk.flags);
1380 		DEBUG_DBG("%s pkey_verifykey2()=%d\n", __func__, rc);
1381 		kfree(kkey);
1382 		if (rc)
1383 			break;
1384 		if (copy_to_user(uvk, &kvk, sizeof(kvk)))
1385 			return -EFAULT;
1386 		break;
1387 	}
1388 	case PKEY_KBLOB2PROTK2: {
1389 		struct pkey_kblob2pkey2 __user *utp = (void __user *) arg;
1390 		struct pkey_kblob2pkey2 ktp;
1391 		struct pkey_apqn *apqns = NULL;
1392 		u8 *kkey;
1393 
1394 		if (copy_from_user(&ktp, utp, sizeof(ktp)))
1395 			return -EFAULT;
1396 		apqns = _copy_apqns_from_user(ktp.apqns, ktp.apqn_entries);
1397 		if (IS_ERR(apqns))
1398 			return PTR_ERR(apqns);
1399 		kkey = _copy_key_from_user(ktp.key, ktp.keylen);
1400 		if (IS_ERR(kkey)) {
1401 			kfree(apqns);
1402 			return PTR_ERR(kkey);
1403 		}
1404 		rc = pkey_keyblob2pkey2(apqns, ktp.apqn_entries,
1405 					kkey, ktp.keylen, &ktp.protkey);
1406 		DEBUG_DBG("%s pkey_keyblob2pkey2()=%d\n", __func__, rc);
1407 		kfree(apqns);
1408 		memzero_explicit(kkey, ktp.keylen);
1409 		kfree(kkey);
1410 		if (rc)
1411 			break;
1412 		if (copy_to_user(utp, &ktp, sizeof(ktp)))
1413 			return -EFAULT;
1414 		break;
1415 	}
1416 	case PKEY_APQNS4K: {
1417 		struct pkey_apqns4key __user *uak = (void __user *) arg;
1418 		struct pkey_apqns4key kak;
1419 		struct pkey_apqn *apqns = NULL;
1420 		size_t nr_apqns, len;
1421 		u8 *kkey;
1422 
1423 		if (copy_from_user(&kak, uak, sizeof(kak)))
1424 			return -EFAULT;
1425 		nr_apqns = kak.apqn_entries;
1426 		if (nr_apqns) {
1427 			apqns = kmalloc_array(nr_apqns,
1428 					      sizeof(struct pkey_apqn),
1429 					      GFP_KERNEL);
1430 			if (!apqns)
1431 				return -ENOMEM;
1432 		}
1433 		kkey = _copy_key_from_user(kak.key, kak.keylen);
1434 		if (IS_ERR(kkey)) {
1435 			kfree(apqns);
1436 			return PTR_ERR(kkey);
1437 		}
1438 		rc = pkey_apqns4key(kkey, kak.keylen, kak.flags,
1439 				    apqns, &nr_apqns);
1440 		DEBUG_DBG("%s pkey_apqns4key()=%d\n", __func__, rc);
1441 		kfree(kkey);
1442 		if (rc && rc != -ENOSPC) {
1443 			kfree(apqns);
1444 			break;
1445 		}
1446 		if (!rc && kak.apqns) {
1447 			if (nr_apqns > kak.apqn_entries) {
1448 				kfree(apqns);
1449 				return -EINVAL;
1450 			}
1451 			len = nr_apqns * sizeof(struct pkey_apqn);
1452 			if (len) {
1453 				if (copy_to_user(kak.apqns, apqns, len)) {
1454 					kfree(apqns);
1455 					return -EFAULT;
1456 				}
1457 			}
1458 		}
1459 		kak.apqn_entries = nr_apqns;
1460 		if (copy_to_user(uak, &kak, sizeof(kak)))
1461 			rc = -EFAULT;
1462 		kfree(apqns);
1463 		break;
1464 	}
1465 	case PKEY_APQNS4KT: {
1466 		struct pkey_apqns4keytype __user *uat = (void __user *) arg;
1467 		struct pkey_apqns4keytype kat;
1468 		struct pkey_apqn *apqns = NULL;
1469 		size_t nr_apqns, len;
1470 
1471 		if (copy_from_user(&kat, uat, sizeof(kat)))
1472 			return -EFAULT;
1473 		nr_apqns = kat.apqn_entries;
1474 		if (nr_apqns) {
1475 			apqns = kmalloc_array(nr_apqns,
1476 					      sizeof(struct pkey_apqn),
1477 					      GFP_KERNEL);
1478 			if (!apqns)
1479 				return -ENOMEM;
1480 		}
1481 		rc = pkey_apqns4keytype(kat.type, kat.cur_mkvp, kat.alt_mkvp,
1482 					kat.flags, apqns, &nr_apqns);
1483 		DEBUG_DBG("%s pkey_apqns4keytype()=%d\n", __func__, rc);
1484 		if (rc && rc != -ENOSPC) {
1485 			kfree(apqns);
1486 			break;
1487 		}
1488 		if (!rc && kat.apqns) {
1489 			if (nr_apqns > kat.apqn_entries) {
1490 				kfree(apqns);
1491 				return -EINVAL;
1492 			}
1493 			len = nr_apqns * sizeof(struct pkey_apqn);
1494 			if (len) {
1495 				if (copy_to_user(kat.apqns, apqns, len)) {
1496 					kfree(apqns);
1497 					return -EFAULT;
1498 				}
1499 			}
1500 		}
1501 		kat.apqn_entries = nr_apqns;
1502 		if (copy_to_user(uat, &kat, sizeof(kat)))
1503 			rc = -EFAULT;
1504 		kfree(apqns);
1505 		break;
1506 	}
1507 	case PKEY_KBLOB2PROTK3: {
1508 		struct pkey_kblob2pkey3 __user *utp = (void __user *) arg;
1509 		struct pkey_kblob2pkey3 ktp;
1510 		struct pkey_apqn *apqns = NULL;
1511 		u32 protkeylen = PROTKEYBLOBBUFSIZE;
1512 		u8 *kkey, *protkey;
1513 
1514 		if (copy_from_user(&ktp, utp, sizeof(ktp)))
1515 			return -EFAULT;
1516 		apqns = _copy_apqns_from_user(ktp.apqns, ktp.apqn_entries);
1517 		if (IS_ERR(apqns))
1518 			return PTR_ERR(apqns);
1519 		kkey = _copy_key_from_user(ktp.key, ktp.keylen);
1520 		if (IS_ERR(kkey)) {
1521 			kfree(apqns);
1522 			return PTR_ERR(kkey);
1523 		}
1524 		protkey = kmalloc(protkeylen, GFP_KERNEL);
1525 		if (!protkey) {
1526 			kfree(apqns);
1527 			kfree(kkey);
1528 			return -ENOMEM;
1529 		}
1530 		rc = pkey_keyblob2pkey3(apqns, ktp.apqn_entries, kkey,
1531 					ktp.keylen, &ktp.pkeytype,
1532 					protkey, &protkeylen);
1533 		DEBUG_DBG("%s pkey_keyblob2pkey3()=%d\n", __func__, rc);
1534 		kfree(apqns);
1535 		memzero_explicit(kkey, ktp.keylen);
1536 		kfree(kkey);
1537 		if (rc) {
1538 			kfree(protkey);
1539 			break;
1540 		}
1541 		if (ktp.pkey && ktp.pkeylen) {
1542 			if (protkeylen > ktp.pkeylen) {
1543 				kfree(protkey);
1544 				return -EINVAL;
1545 			}
1546 			if (copy_to_user(ktp.pkey, protkey, protkeylen)) {
1547 				kfree(protkey);
1548 				return -EFAULT;
1549 			}
1550 		}
1551 		kfree(protkey);
1552 		ktp.pkeylen = protkeylen;
1553 		if (copy_to_user(utp, &ktp, sizeof(ktp)))
1554 			return -EFAULT;
1555 		break;
1556 	}
1557 	default:
1558 		/* unknown/unsupported ioctl cmd */
1559 		return -ENOTTY;
1560 	}
1561 
1562 	return rc;
1563 }
1564 
1565 /*
1566  * Sysfs and file io operations
1567  */
1568 
1569 /*
1570  * Sysfs attribute read function for all protected key binary attributes.
1571  * The implementation can not deal with partial reads, because a new random
1572  * protected key blob is generated with each read. In case of partial reads
1573  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
1574  */
pkey_protkey_aes_attr_read(u32 keytype,bool is_xts,char * buf,loff_t off,size_t count)1575 static ssize_t pkey_protkey_aes_attr_read(u32 keytype, bool is_xts, char *buf,
1576 					  loff_t off, size_t count)
1577 {
1578 	struct protaeskeytoken protkeytoken;
1579 	struct pkey_protkey protkey;
1580 	int rc;
1581 
1582 	if (off != 0 || count < sizeof(protkeytoken))
1583 		return -EINVAL;
1584 	if (is_xts)
1585 		if (count < 2 * sizeof(protkeytoken))
1586 			return -EINVAL;
1587 
1588 	memset(&protkeytoken, 0, sizeof(protkeytoken));
1589 	protkeytoken.type = TOKTYPE_NON_CCA;
1590 	protkeytoken.version = TOKVER_PROTECTED_KEY;
1591 	protkeytoken.keytype = keytype;
1592 
1593 	rc = pkey_genprotkey(protkeytoken.keytype, &protkey);
1594 	if (rc)
1595 		return rc;
1596 
1597 	protkeytoken.len = protkey.len;
1598 	memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len);
1599 
1600 	memcpy(buf, &protkeytoken, sizeof(protkeytoken));
1601 
1602 	if (is_xts) {
1603 		rc = pkey_genprotkey(protkeytoken.keytype, &protkey);
1604 		if (rc)
1605 			return rc;
1606 
1607 		protkeytoken.len = protkey.len;
1608 		memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len);
1609 
1610 		memcpy(buf + sizeof(protkeytoken), &protkeytoken,
1611 		       sizeof(protkeytoken));
1612 
1613 		return 2 * sizeof(protkeytoken);
1614 	}
1615 
1616 	return sizeof(protkeytoken);
1617 }
1618 
protkey_aes_128_read(struct file * filp,struct kobject * kobj,struct bin_attribute * attr,char * buf,loff_t off,size_t count)1619 static ssize_t protkey_aes_128_read(struct file *filp,
1620 				    struct kobject *kobj,
1621 				    struct bin_attribute *attr,
1622 				    char *buf, loff_t off,
1623 				    size_t count)
1624 {
1625 	return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf,
1626 					  off, count);
1627 }
1628 
protkey_aes_192_read(struct file * filp,struct kobject * kobj,struct bin_attribute * attr,char * buf,loff_t off,size_t count)1629 static ssize_t protkey_aes_192_read(struct file *filp,
1630 				    struct kobject *kobj,
1631 				    struct bin_attribute *attr,
1632 				    char *buf, loff_t off,
1633 				    size_t count)
1634 {
1635 	return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf,
1636 					  off, count);
1637 }
1638 
protkey_aes_256_read(struct file * filp,struct kobject * kobj,struct bin_attribute * attr,char * buf,loff_t off,size_t count)1639 static ssize_t protkey_aes_256_read(struct file *filp,
1640 				    struct kobject *kobj,
1641 				    struct bin_attribute *attr,
1642 				    char *buf, loff_t off,
1643 				    size_t count)
1644 {
1645 	return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf,
1646 					  off, count);
1647 }
1648 
protkey_aes_128_xts_read(struct file * filp,struct kobject * kobj,struct bin_attribute * attr,char * buf,loff_t off,size_t count)1649 static ssize_t protkey_aes_128_xts_read(struct file *filp,
1650 					struct kobject *kobj,
1651 					struct bin_attribute *attr,
1652 					char *buf, loff_t off,
1653 					size_t count)
1654 {
1655 	return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf,
1656 					  off, count);
1657 }
1658 
protkey_aes_256_xts_read(struct file * filp,struct kobject * kobj,struct bin_attribute * attr,char * buf,loff_t off,size_t count)1659 static ssize_t protkey_aes_256_xts_read(struct file *filp,
1660 					struct kobject *kobj,
1661 					struct bin_attribute *attr,
1662 					char *buf, loff_t off,
1663 					size_t count)
1664 {
1665 	return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf,
1666 					  off, count);
1667 }
1668 
1669 static BIN_ATTR_RO(protkey_aes_128, sizeof(struct protaeskeytoken));
1670 static BIN_ATTR_RO(protkey_aes_192, sizeof(struct protaeskeytoken));
1671 static BIN_ATTR_RO(protkey_aes_256, sizeof(struct protaeskeytoken));
1672 static BIN_ATTR_RO(protkey_aes_128_xts, 2 * sizeof(struct protaeskeytoken));
1673 static BIN_ATTR_RO(protkey_aes_256_xts, 2 * sizeof(struct protaeskeytoken));
1674 
1675 static struct bin_attribute *protkey_attrs[] = {
1676 	&bin_attr_protkey_aes_128,
1677 	&bin_attr_protkey_aes_192,
1678 	&bin_attr_protkey_aes_256,
1679 	&bin_attr_protkey_aes_128_xts,
1680 	&bin_attr_protkey_aes_256_xts,
1681 	NULL
1682 };
1683 
1684 static struct attribute_group protkey_attr_group = {
1685 	.name	   = "protkey",
1686 	.bin_attrs = protkey_attrs,
1687 };
1688 
1689 /*
1690  * Sysfs attribute read function for all secure key ccadata binary attributes.
1691  * The implementation can not deal with partial reads, because a new random
1692  * protected key blob is generated with each read. In case of partial reads
1693  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
1694  */
pkey_ccadata_aes_attr_read(u32 keytype,bool is_xts,char * buf,loff_t off,size_t count)1695 static ssize_t pkey_ccadata_aes_attr_read(u32 keytype, bool is_xts, char *buf,
1696 					  loff_t off, size_t count)
1697 {
1698 	int rc;
1699 	struct pkey_seckey *seckey = (struct pkey_seckey *) buf;
1700 
1701 	if (off != 0 || count < sizeof(struct secaeskeytoken))
1702 		return -EINVAL;
1703 	if (is_xts)
1704 		if (count < 2 * sizeof(struct secaeskeytoken))
1705 			return -EINVAL;
1706 
1707 	rc = cca_genseckey(-1, -1, keytype, seckey->seckey);
1708 	if (rc)
1709 		return rc;
1710 
1711 	if (is_xts) {
1712 		seckey++;
1713 		rc = cca_genseckey(-1, -1, keytype, seckey->seckey);
1714 		if (rc)
1715 			return rc;
1716 
1717 		return 2 * sizeof(struct secaeskeytoken);
1718 	}
1719 
1720 	return sizeof(struct secaeskeytoken);
1721 }
1722 
ccadata_aes_128_read(struct file * filp,struct kobject * kobj,struct bin_attribute * attr,char * buf,loff_t off,size_t count)1723 static ssize_t ccadata_aes_128_read(struct file *filp,
1724 				    struct kobject *kobj,
1725 				    struct bin_attribute *attr,
1726 				    char *buf, loff_t off,
1727 				    size_t count)
1728 {
1729 	return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf,
1730 					  off, count);
1731 }
1732 
ccadata_aes_192_read(struct file * filp,struct kobject * kobj,struct bin_attribute * attr,char * buf,loff_t off,size_t count)1733 static ssize_t ccadata_aes_192_read(struct file *filp,
1734 				    struct kobject *kobj,
1735 				    struct bin_attribute *attr,
1736 				    char *buf, loff_t off,
1737 				    size_t count)
1738 {
1739 	return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf,
1740 					  off, count);
1741 }
1742 
ccadata_aes_256_read(struct file * filp,struct kobject * kobj,struct bin_attribute * attr,char * buf,loff_t off,size_t count)1743 static ssize_t ccadata_aes_256_read(struct file *filp,
1744 				    struct kobject *kobj,
1745 				    struct bin_attribute *attr,
1746 				    char *buf, loff_t off,
1747 				    size_t count)
1748 {
1749 	return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf,
1750 					  off, count);
1751 }
1752 
ccadata_aes_128_xts_read(struct file * filp,struct kobject * kobj,struct bin_attribute * attr,char * buf,loff_t off,size_t count)1753 static ssize_t ccadata_aes_128_xts_read(struct file *filp,
1754 					struct kobject *kobj,
1755 					struct bin_attribute *attr,
1756 					char *buf, loff_t off,
1757 					size_t count)
1758 {
1759 	return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf,
1760 					  off, count);
1761 }
1762 
ccadata_aes_256_xts_read(struct file * filp,struct kobject * kobj,struct bin_attribute * attr,char * buf,loff_t off,size_t count)1763 static ssize_t ccadata_aes_256_xts_read(struct file *filp,
1764 					struct kobject *kobj,
1765 					struct bin_attribute *attr,
1766 					char *buf, loff_t off,
1767 					size_t count)
1768 {
1769 	return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf,
1770 					  off, count);
1771 }
1772 
1773 static BIN_ATTR_RO(ccadata_aes_128, sizeof(struct secaeskeytoken));
1774 static BIN_ATTR_RO(ccadata_aes_192, sizeof(struct secaeskeytoken));
1775 static BIN_ATTR_RO(ccadata_aes_256, sizeof(struct secaeskeytoken));
1776 static BIN_ATTR_RO(ccadata_aes_128_xts, 2 * sizeof(struct secaeskeytoken));
1777 static BIN_ATTR_RO(ccadata_aes_256_xts, 2 * sizeof(struct secaeskeytoken));
1778 
1779 static struct bin_attribute *ccadata_attrs[] = {
1780 	&bin_attr_ccadata_aes_128,
1781 	&bin_attr_ccadata_aes_192,
1782 	&bin_attr_ccadata_aes_256,
1783 	&bin_attr_ccadata_aes_128_xts,
1784 	&bin_attr_ccadata_aes_256_xts,
1785 	NULL
1786 };
1787 
1788 static struct attribute_group ccadata_attr_group = {
1789 	.name	   = "ccadata",
1790 	.bin_attrs = ccadata_attrs,
1791 };
1792 
1793 #define CCACIPHERTOKENSIZE	(sizeof(struct cipherkeytoken) + 80)
1794 
1795 /*
1796  * Sysfs attribute read function for all secure key ccacipher binary attributes.
1797  * The implementation can not deal with partial reads, because a new random
1798  * secure key blob is generated with each read. In case of partial reads
1799  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
1800  */
pkey_ccacipher_aes_attr_read(enum pkey_key_size keybits,bool is_xts,char * buf,loff_t off,size_t count)1801 static ssize_t pkey_ccacipher_aes_attr_read(enum pkey_key_size keybits,
1802 					    bool is_xts, char *buf, loff_t off,
1803 					    size_t count)
1804 {
1805 	int i, rc, card, dom;
1806 	u32 nr_apqns, *apqns = NULL;
1807 	size_t keysize = CCACIPHERTOKENSIZE;
1808 
1809 	if (off != 0 || count < CCACIPHERTOKENSIZE)
1810 		return -EINVAL;
1811 	if (is_xts)
1812 		if (count < 2 * CCACIPHERTOKENSIZE)
1813 			return -EINVAL;
1814 
1815 	/* build a list of apqns able to generate an cipher key */
1816 	rc = cca_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
1817 			   ZCRYPT_CEX6, 0, 0, 0, 0);
1818 	if (rc)
1819 		return rc;
1820 
1821 	memset(buf, 0, is_xts ? 2 * keysize : keysize);
1822 
1823 	/* simple try all apqns from the list */
1824 	for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
1825 		card = apqns[i] >> 16;
1826 		dom = apqns[i] & 0xFFFF;
1827 		rc = cca_gencipherkey(card, dom, keybits, 0, buf, &keysize);
1828 		if (rc == 0)
1829 			break;
1830 	}
1831 	if (rc)
1832 		return rc;
1833 
1834 	if (is_xts) {
1835 		keysize = CCACIPHERTOKENSIZE;
1836 		buf += CCACIPHERTOKENSIZE;
1837 		rc = cca_gencipherkey(card, dom, keybits, 0, buf, &keysize);
1838 		if (rc == 0)
1839 			return 2 * CCACIPHERTOKENSIZE;
1840 	}
1841 
1842 	return CCACIPHERTOKENSIZE;
1843 }
1844 
ccacipher_aes_128_read(struct file * filp,struct kobject * kobj,struct bin_attribute * attr,char * buf,loff_t off,size_t count)1845 static ssize_t ccacipher_aes_128_read(struct file *filp,
1846 				      struct kobject *kobj,
1847 				      struct bin_attribute *attr,
1848 				      char *buf, loff_t off,
1849 				      size_t count)
1850 {
1851 	return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, false, buf,
1852 					    off, count);
1853 }
1854 
ccacipher_aes_192_read(struct file * filp,struct kobject * kobj,struct bin_attribute * attr,char * buf,loff_t off,size_t count)1855 static ssize_t ccacipher_aes_192_read(struct file *filp,
1856 				      struct kobject *kobj,
1857 				      struct bin_attribute *attr,
1858 				      char *buf, loff_t off,
1859 				      size_t count)
1860 {
1861 	return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_192, false, buf,
1862 					    off, count);
1863 }
1864 
ccacipher_aes_256_read(struct file * filp,struct kobject * kobj,struct bin_attribute * attr,char * buf,loff_t off,size_t count)1865 static ssize_t ccacipher_aes_256_read(struct file *filp,
1866 				      struct kobject *kobj,
1867 				      struct bin_attribute *attr,
1868 				      char *buf, loff_t off,
1869 				      size_t count)
1870 {
1871 	return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, false, buf,
1872 					    off, count);
1873 }
1874 
ccacipher_aes_128_xts_read(struct file * filp,struct kobject * kobj,struct bin_attribute * attr,char * buf,loff_t off,size_t count)1875 static ssize_t ccacipher_aes_128_xts_read(struct file *filp,
1876 					  struct kobject *kobj,
1877 					  struct bin_attribute *attr,
1878 					  char *buf, loff_t off,
1879 					  size_t count)
1880 {
1881 	return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, true, buf,
1882 					    off, count);
1883 }
1884 
ccacipher_aes_256_xts_read(struct file * filp,struct kobject * kobj,struct bin_attribute * attr,char * buf,loff_t off,size_t count)1885 static ssize_t ccacipher_aes_256_xts_read(struct file *filp,
1886 					  struct kobject *kobj,
1887 					  struct bin_attribute *attr,
1888 					  char *buf, loff_t off,
1889 					  size_t count)
1890 {
1891 	return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, true, buf,
1892 					    off, count);
1893 }
1894 
1895 static BIN_ATTR_RO(ccacipher_aes_128, CCACIPHERTOKENSIZE);
1896 static BIN_ATTR_RO(ccacipher_aes_192, CCACIPHERTOKENSIZE);
1897 static BIN_ATTR_RO(ccacipher_aes_256, CCACIPHERTOKENSIZE);
1898 static BIN_ATTR_RO(ccacipher_aes_128_xts, 2 * CCACIPHERTOKENSIZE);
1899 static BIN_ATTR_RO(ccacipher_aes_256_xts, 2 * CCACIPHERTOKENSIZE);
1900 
1901 static struct bin_attribute *ccacipher_attrs[] = {
1902 	&bin_attr_ccacipher_aes_128,
1903 	&bin_attr_ccacipher_aes_192,
1904 	&bin_attr_ccacipher_aes_256,
1905 	&bin_attr_ccacipher_aes_128_xts,
1906 	&bin_attr_ccacipher_aes_256_xts,
1907 	NULL
1908 };
1909 
1910 static struct attribute_group ccacipher_attr_group = {
1911 	.name	   = "ccacipher",
1912 	.bin_attrs = ccacipher_attrs,
1913 };
1914 
1915 /*
1916  * Sysfs attribute read function for all ep11 aes key binary attributes.
1917  * The implementation can not deal with partial reads, because a new random
1918  * secure key blob is generated with each read. In case of partial reads
1919  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
1920  * This function and the sysfs attributes using it provide EP11 key blobs
1921  * padded to the upper limit of MAXEP11AESKEYBLOBSIZE which is currently
1922  * 320 bytes.
1923  */
pkey_ep11_aes_attr_read(enum pkey_key_size keybits,bool is_xts,char * buf,loff_t off,size_t count)1924 static ssize_t pkey_ep11_aes_attr_read(enum pkey_key_size keybits,
1925 				       bool is_xts, char *buf, loff_t off,
1926 				       size_t count)
1927 {
1928 	int i, rc, card, dom;
1929 	u32 nr_apqns, *apqns = NULL;
1930 	size_t keysize = MAXEP11AESKEYBLOBSIZE;
1931 
1932 	if (off != 0 || count < MAXEP11AESKEYBLOBSIZE)
1933 		return -EINVAL;
1934 	if (is_xts)
1935 		if (count < 2 * MAXEP11AESKEYBLOBSIZE)
1936 			return -EINVAL;
1937 
1938 	/* build a list of apqns able to generate an cipher key */
1939 	rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
1940 			    ZCRYPT_CEX7, EP11_API_V, NULL);
1941 	if (rc)
1942 		return rc;
1943 
1944 	memset(buf, 0, is_xts ? 2 * keysize : keysize);
1945 
1946 	/* simple try all apqns from the list */
1947 	for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
1948 		card = apqns[i] >> 16;
1949 		dom = apqns[i] & 0xFFFF;
1950 		rc = ep11_genaeskey(card, dom, keybits, 0, buf, &keysize);
1951 		if (rc == 0)
1952 			break;
1953 	}
1954 	if (rc)
1955 		return rc;
1956 
1957 	if (is_xts) {
1958 		keysize = MAXEP11AESKEYBLOBSIZE;
1959 		buf += MAXEP11AESKEYBLOBSIZE;
1960 		rc = ep11_genaeskey(card, dom, keybits, 0, buf, &keysize);
1961 		if (rc == 0)
1962 			return 2 * MAXEP11AESKEYBLOBSIZE;
1963 	}
1964 
1965 	return MAXEP11AESKEYBLOBSIZE;
1966 }
1967 
ep11_aes_128_read(struct file * filp,struct kobject * kobj,struct bin_attribute * attr,char * buf,loff_t off,size_t count)1968 static ssize_t ep11_aes_128_read(struct file *filp,
1969 				 struct kobject *kobj,
1970 				 struct bin_attribute *attr,
1971 				 char *buf, loff_t off,
1972 				 size_t count)
1973 {
1974 	return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, false, buf,
1975 				       off, count);
1976 }
1977 
ep11_aes_192_read(struct file * filp,struct kobject * kobj,struct bin_attribute * attr,char * buf,loff_t off,size_t count)1978 static ssize_t ep11_aes_192_read(struct file *filp,
1979 				 struct kobject *kobj,
1980 				 struct bin_attribute *attr,
1981 				 char *buf, loff_t off,
1982 				 size_t count)
1983 {
1984 	return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_192, false, buf,
1985 				       off, count);
1986 }
1987 
ep11_aes_256_read(struct file * filp,struct kobject * kobj,struct bin_attribute * attr,char * buf,loff_t off,size_t count)1988 static ssize_t ep11_aes_256_read(struct file *filp,
1989 				 struct kobject *kobj,
1990 				 struct bin_attribute *attr,
1991 				 char *buf, loff_t off,
1992 				 size_t count)
1993 {
1994 	return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, false, buf,
1995 				       off, count);
1996 }
1997 
ep11_aes_128_xts_read(struct file * filp,struct kobject * kobj,struct bin_attribute * attr,char * buf,loff_t off,size_t count)1998 static ssize_t ep11_aes_128_xts_read(struct file *filp,
1999 				     struct kobject *kobj,
2000 				     struct bin_attribute *attr,
2001 				     char *buf, loff_t off,
2002 				     size_t count)
2003 {
2004 	return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, true, buf,
2005 				       off, count);
2006 }
2007 
ep11_aes_256_xts_read(struct file * filp,struct kobject * kobj,struct bin_attribute * attr,char * buf,loff_t off,size_t count)2008 static ssize_t ep11_aes_256_xts_read(struct file *filp,
2009 				     struct kobject *kobj,
2010 				     struct bin_attribute *attr,
2011 				     char *buf, loff_t off,
2012 				     size_t count)
2013 {
2014 	return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, true, buf,
2015 				       off, count);
2016 }
2017 
2018 static BIN_ATTR_RO(ep11_aes_128, MAXEP11AESKEYBLOBSIZE);
2019 static BIN_ATTR_RO(ep11_aes_192, MAXEP11AESKEYBLOBSIZE);
2020 static BIN_ATTR_RO(ep11_aes_256, MAXEP11AESKEYBLOBSIZE);
2021 static BIN_ATTR_RO(ep11_aes_128_xts, 2 * MAXEP11AESKEYBLOBSIZE);
2022 static BIN_ATTR_RO(ep11_aes_256_xts, 2 * MAXEP11AESKEYBLOBSIZE);
2023 
2024 static struct bin_attribute *ep11_attrs[] = {
2025 	&bin_attr_ep11_aes_128,
2026 	&bin_attr_ep11_aes_192,
2027 	&bin_attr_ep11_aes_256,
2028 	&bin_attr_ep11_aes_128_xts,
2029 	&bin_attr_ep11_aes_256_xts,
2030 	NULL
2031 };
2032 
2033 static struct attribute_group ep11_attr_group = {
2034 	.name	   = "ep11",
2035 	.bin_attrs = ep11_attrs,
2036 };
2037 
2038 static const struct attribute_group *pkey_attr_groups[] = {
2039 	&protkey_attr_group,
2040 	&ccadata_attr_group,
2041 	&ccacipher_attr_group,
2042 	&ep11_attr_group,
2043 	NULL,
2044 };
2045 
2046 static const struct file_operations pkey_fops = {
2047 	.owner		= THIS_MODULE,
2048 	.open		= nonseekable_open,
2049 	.llseek		= no_llseek,
2050 	.unlocked_ioctl = pkey_unlocked_ioctl,
2051 };
2052 
2053 static struct miscdevice pkey_dev = {
2054 	.name	= "pkey",
2055 	.minor	= MISC_DYNAMIC_MINOR,
2056 	.mode	= 0666,
2057 	.fops	= &pkey_fops,
2058 	.groups = pkey_attr_groups,
2059 };
2060 
2061 /*
2062  * Module init
2063  */
pkey_init(void)2064 static int __init pkey_init(void)
2065 {
2066 	cpacf_mask_t func_mask;
2067 
2068 	/*
2069 	 * The pckmo instruction should be available - even if we don't
2070 	 * actually invoke it. This instruction comes with MSA 3 which
2071 	 * is also the minimum level for the kmc instructions which
2072 	 * are able to work with protected keys.
2073 	 */
2074 	if (!cpacf_query(CPACF_PCKMO, &func_mask))
2075 		return -ENODEV;
2076 
2077 	/* check for kmc instructions available */
2078 	if (!cpacf_query(CPACF_KMC, &func_mask))
2079 		return -ENODEV;
2080 	if (!cpacf_test_func(&func_mask, CPACF_KMC_PAES_128) ||
2081 	    !cpacf_test_func(&func_mask, CPACF_KMC_PAES_192) ||
2082 	    !cpacf_test_func(&func_mask, CPACF_KMC_PAES_256))
2083 		return -ENODEV;
2084 
2085 	pkey_debug_init();
2086 
2087 	return misc_register(&pkey_dev);
2088 }
2089 
2090 /*
2091  * Module exit
2092  */
pkey_exit(void)2093 static void __exit pkey_exit(void)
2094 {
2095 	misc_deregister(&pkey_dev);
2096 	pkey_debug_exit();
2097 }
2098 
2099 module_cpu_feature_match(MSA, pkey_init);
2100 module_exit(pkey_exit);
2101