cert_store.c source code [linux/arch/s390/kernel/cert_store.c]

1	// SPDX-License-Identifier: GPL-2.0
2	/*
3	* DIAG 0x320 support and certificate store handling
4	*
5	* Copyright IBM Corp. 2023
6	* Author(s): Anastasia Eskova <anastasia.eskova@ibm.com>
7	*/
8
9	#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
10
11	#include <linux/delay.h>
12	#include <linux/device.h>
13	#include <linux/fs.h>
14	#include <linux/init.h>
15	#include <linux/kernel.h>
16	#include <linux/key-type.h>
17	#include <linux/key.h>
18	#include <linux/keyctl.h>
19	#include <linux/kobject.h>
20	#include <linux/module.h>
21	#include <linux/seq_file.h>
22	#include <linux/slab.h>
23	#include <linux/sysfs.h>
24	#include <crypto/sha2.h>
25	#include <keys/user-type.h>
26	#include <asm/debug.h>
27	#include <asm/diag.h>
28	#include <asm/ebcdic.h>
29	#include <asm/sclp.h>
30
31	#define DIAG_MAX_RETRIES 10
32
33	#define VCE_FLAGS_VALID_MASK 0x80
34
35	#define ISM_LEN_DWORDS 4
36	#define VCSSB_LEN_BYTES 128
37	#define VCSSB_LEN_NO_CERTS 4
38	#define VCB_LEN_NO_CERTS 64
39	#define VC_NAME_LEN_BYTES 64
40
41	#define CERT_STORE_KEY_TYPE_NAME "cert_store_key"
42	#define CERT_STORE_KEYRING_NAME "cert_store"
43
44	static debug_info_t *cert_store_dbf;
45	static debug_info_t *cert_store_hexdump;
46
47	#define pr_dbf_msg(fmt, ...) \
48	debug_sprintf_event(cert_store_dbf, 3, fmt "\n", ## __VA_ARGS__)
49
50	enum diag320_subcode {
51	DIAG320_SUBCODES = `0`,
52	DIAG320_STORAGE = `1`,
53	DIAG320_CERT_BLOCK = `2`,
54	};
55
56	enum diag320_rc {
57	DIAG320_RC_OK = `0x0001`,
58	DIAG320_RC_CS_NOMATCH = `0x0306`,
59	};
60
61	/ Verification Certificates Store Support Block (VCSSB). /
62	struct vcssb {
63	u32 vcssb_length;
64	u8 pad_0x04[`3`];
65	u8 version;
66	u8 pad_0x08[`8`];
67	u32 cs_token;
68	u8 pad_0x14[`12`];
69	u16 total_vc_index_count;
70	u16 max_vc_index_count;
71	u8 pad_0x24[`28`];
72	u32 max_vce_length;
73	u32 max_vcxe_length;
74	u8 pad_0x48[`8`];
75	u32 max_single_vcb_length;
76	u32 total_vcb_length;
77	u32 max_single_vcxb_length;
78	u32 total_vcxb_length;
79	u8 pad_0x60[`32`];
80	} __packed __aligned(`8`);
81
82	/ Verification Certificate Entry (VCE) Header. /
83	struct vce_header {
84	u32 vce_length;
85	u8 flags;
86	u8 key_type;
87	u16 vc_index;
88	u8 vc_name[VC_NAME_LEN_BYTES]; / EBCDIC /
89	u8 vc_format;
90	u8 pad_0x49;
91	u16 key_id_length;
92	u8 pad_0x4c;
93	u8 vc_hash_type;
94	u16 vc_hash_length;
95	u8 pad_0x50[`4`];
96	u32 vc_length;
97	u8 pad_0x58[`8`];
98	u16 vc_hash_offset;
99	u16 vc_offset;
100	u8 pad_0x64[`28`];
101	} __packed __aligned(`4`);
102
103	/ Verification Certificate Block (VCB) Header. /
104	struct vcb_header {
105	u32 vcb_input_length;
106	u8 pad_0x04[`4`];
107	u16 first_vc_index;
108	u16 last_vc_index;
109	u32 pad_0x0c;
110	u32 cs_token;
111	u8 pad_0x14[`12`];
112	u32 vcb_output_length;
113	u8 pad_0x24[`3`];
114	u8 version;
115	u16 stored_vc_count;
116	u16 remaining_vc_count;
117	u8 pad_0x2c[`20`];
118	} __packed __aligned(`4`);
119
120	/ Verification Certificate Block (VCB). /
121	struct vcb {
122	struct vcb_header vcb_hdr;
123	u8 vcb_buf[];
124	} __packed __aligned(`4`);
125
126	/ Verification Certificate Entry (VCE). /
127	struct vce {
128	struct vce_header vce_hdr;
129	u8 cert_data_buf[];
130	} __packed __aligned(`4`);
131
132	static void cert_store_key_describe(const struct key key, struct* seq_file *m)
133	{
134	char ascii[VC_NAME_LEN_BYTES + `1`];
135
136	/*
137	* First 64 bytes of the key description is key name in EBCDIC CP 500.
138	* Convert it to ASCII for displaying in /proc/keys.
139	*/
140	strscpy(p: ascii, q: key->description, size: sizeof(ascii));
141	EBCASC_500(ascii, VC_NAME_LEN_BYTES);
142	seq_puts(m, s: ascii);
143
144	seq_puts(m, s: &key->description[VC_NAME_LEN_BYTES]);
145	if (key_is_positive(key))
146	seq_printf(m, fmt: ": %u", key->datalen);
147	}
148
149	/*
150	* Certificate store key type takes over properties of
151	* user key but cannot be updated.
152	*/
153	static struct key_type key_type_cert_store_key = {
154	.name = CERT_STORE_KEY_TYPE_NAME,
155	.preparse = user_preparse,
156	.free_preparse = user_free_preparse,
157	.instantiate = generic_key_instantiate,
158	.revoke = user_revoke,
159	.destroy = user_destroy,
160	.describe = cert_store_key_describe,
161	.read = user_read,
162	};
163
164	/ Logging functions. /
165	static void pr_dbf_vcb(const struct vcb *b)
166	{
167	pr_dbf_msg("VCB Header:");
168	pr_dbf_msg("vcb_input_length: %d", b->vcb_hdr.vcb_input_length);
169	pr_dbf_msg("first_vc_index: %d", b->vcb_hdr.first_vc_index);
170	pr_dbf_msg("last_vc_index: %d", b->vcb_hdr.last_vc_index);
171	pr_dbf_msg("cs_token: %d", b->vcb_hdr.cs_token);
172	pr_dbf_msg("vcb_output_length: %d", b->vcb_hdr.vcb_output_length);
173	pr_dbf_msg("version: %d", b->vcb_hdr.version);
174	pr_dbf_msg("stored_vc_count: %d", b->vcb_hdr.stored_vc_count);
175	pr_dbf_msg("remaining_vc_count: %d", b->vcb_hdr.remaining_vc_count);
176	}
177
178	static void pr_dbf_vce(const struct vce *e)
179	{
180	unsigned char vc_name[VC_NAME_LEN_BYTES + `1`];
181	char log_string[VC_NAME_LEN_BYTES + `40`];
182
183	pr_dbf_msg("VCE Header:");
184	pr_dbf_msg("vce_hdr.vce_length: %d", e->vce_hdr.vce_length);
185	pr_dbf_msg("vce_hdr.flags: %d", e->vce_hdr.flags);
186	pr_dbf_msg("vce_hdr.key_type: %d", e->vce_hdr.key_type);
187	pr_dbf_msg("vce_hdr.vc_index: %d", e->vce_hdr.vc_index);
188	pr_dbf_msg("vce_hdr.vc_format: %d", e->vce_hdr.vc_format);
189	pr_dbf_msg("vce_hdr.key_id_length: %d", e->vce_hdr.key_id_length);
190	pr_dbf_msg("vce_hdr.vc_hash_type: %d", e->vce_hdr.vc_hash_type);
191	pr_dbf_msg("vce_hdr.vc_hash_length: %d", e->vce_hdr.vc_hash_length);
192	pr_dbf_msg("vce_hdr.vc_hash_offset: %d", e->vce_hdr.vc_hash_offset);
193	pr_dbf_msg("vce_hdr.vc_length: %d", e->vce_hdr.vc_length);
194	pr_dbf_msg("vce_hdr.vc_offset: %d", e->vce_hdr.vc_offset);
195
196	/ Certificate name in ASCII. /
197	memcpy(vc_name, e->vce_hdr.vc_name, VC_NAME_LEN_BYTES);
198	EBCASC_500(vc_name, VC_NAME_LEN_BYTES);
199	vc_name[VC_NAME_LEN_BYTES] = `'\0'`;
200
201	snprintf(buf: log_string, size: sizeof(log_string),
202	fmt: "index: %d vce_hdr.vc_name (ASCII): %s",
203	e->vce_hdr.vc_index, vc_name);
204	debug_text_event(cert_store_hexdump, `3`, log_string);
205
206	/ Certificate data. /
207	debug_text_event(cert_store_hexdump, `3`, "VCE: Certificate data start");
208	debug_event(cert_store_hexdump, `3`, (u8 *)e->cert_data_buf, `128`);
209	debug_text_event(cert_store_hexdump, `3`, "VCE: Certificate data end");
210	debug_event(cert_store_hexdump, `3`,
211	(u8 *)e->cert_data_buf + e->vce_hdr.vce_length - `128`, `128`);
212	}
213
214	static void pr_dbf_vcssb(const struct vcssb *s)
215	{
216	debug_text_event(cert_store_hexdump, `3`, "DIAG320 Subcode1");
217	debug_event(cert_store_hexdump, `3`, (u8 *)s, VCSSB_LEN_BYTES);
218
219	pr_dbf_msg("VCSSB:");
220	pr_dbf_msg("vcssb_length: %u", s->vcssb_length);
221	pr_dbf_msg("version: %u", s->version);
222	pr_dbf_msg("cs_token: %u", s->cs_token);
223	pr_dbf_msg("total_vc_index_count: %u", s->total_vc_index_count);
224	pr_dbf_msg("max_vc_index_count: %u", s->max_vc_index_count);
225	pr_dbf_msg("max_vce_length: %u", s->max_vce_length);
226	pr_dbf_msg("max_vcxe_length: %u", s->max_vce_length);
227	pr_dbf_msg("max_single_vcb_length: %u", s->max_single_vcb_length);
228	pr_dbf_msg("total_vcb_length: %u", s->total_vcb_length);
229	pr_dbf_msg("max_single_vcxb_length: %u", s->max_single_vcxb_length);
230	pr_dbf_msg("total_vcxb_length: %u", s->total_vcxb_length);
231	}
232
233	static int __diag320(unsigned long subcode, void *addr)
234	{
235	union register_pair rp = { .even = (unsigned long)addr, };
236
237	asm volatile(
238	" diag %[rp],%[subcode],0x320\n"
239	"0: nopr %%r7\n"
240	EX_TABLE(`0b`, `0b`)
241	: [rp] "+d" (rp.pair)
242	: [subcode] "d" (subcode)
243	: "cc", "memory");
244
245	return rp.odd;
246	}
247
248	static int diag320(unsigned long subcode, void *addr)
249	{
250	diag_stat_inc(DIAG_STAT_X320);
251
252	return __diag320(subcode, addr);
253	}
254
255	/*
256	* Calculate SHA256 hash of the VCE certificate and compare it to hash stored in
257	* VCE. Return -EINVAL if hashes don't match.
258	*/
259	static int check_certificate_hash(const struct vce *vce)
260	{
261	u8 hash[SHA256_DIGEST_SIZE];
262	u16 vc_hash_length;
263	u8 *vce_hash;
264
265	vce_hash = (u8 *)vce + vce->vce_hdr.vc_hash_offset;
266	vc_hash_length = vce->vce_hdr.vc_hash_length;
267	sha256(data: (u8 *)vce + vce->vce_hdr.vc_offset, len: vce->vce_hdr.vc_length, out: hash);
268	if (memcmp(p: vce_hash, q: hash, size: vc_hash_length) == `0`)
269	return `0`;
270
271	pr_dbf_msg("SHA256 hash of received certificate does not match");
272	debug_text_event(cert_store_hexdump, `3`, "VCE hash:");
273	debug_event(cert_store_hexdump, `3`, vce_hash, SHA256_DIGEST_SIZE);
274	debug_text_event(cert_store_hexdump, `3`, "Calculated hash:");
275	debug_event(cert_store_hexdump, `3`, hash, SHA256_DIGEST_SIZE);
276
277	return -EINVAL;
278	}
279
280	static int check_certificate_valid(const struct vce *vce)
281	{
282	if (!(vce->vce_hdr.flags & VCE_FLAGS_VALID_MASK)) {
283	pr_dbf_msg("Certificate entry is invalid");
284	return -EINVAL;
285	}
286	if (vce->vce_hdr.vc_format != `1`) {
287	pr_dbf_msg("Certificate format is not supported");
288	return -EINVAL;
289	}
290	if (vce->vce_hdr.vc_hash_type != `1`) {
291	pr_dbf_msg("Hash type is not supported");
292	return -EINVAL;
293	}
294
295	return check_certificate_hash(vce);
296	}
297
298	static struct key get_user_session_keyring(void*)
299	{
300	key_ref_t us_keyring_ref;
301
302	us_keyring_ref = lookup_user_key(KEY_SPEC_USER_SESSION_KEYRING,
303	flags: KEY_LOOKUP_CREATE, need_perm: KEY_NEED_LINK);
304	if (IS_ERR(ptr: us_keyring_ref)) {
305	pr_dbf_msg("Couldn't get user session keyring: %ld",
306	PTR_ERR(us_keyring_ref));
307	return ERR_PTR(error: -ENOKEY);
308	}
309	key_ref_put(key_ref: us_keyring_ref);
310	return key_ref_to_ptr(key_ref: us_keyring_ref);
311	}
312
313	/ Invalidate all keys from cert_store keyring. /
314	static int invalidate_keyring_keys(struct key *keyring)
315	{
316	unsigned long num_keys, key_index;
317	size_t keyring_payload_len;
318	key_serial_t *key_array;
319	struct key *current_key;
320	int rc;
321
322	keyring_payload_len = key_type_keyring.read(keyring, NULL, `0`);
323	num_keys = keyring_payload_len / sizeof(key_serial_t);
324	key_array = kcalloc(n: num_keys, size: sizeof(key_serial_t), GFP_KERNEL);
325	if (!key_array)
326	return -ENOMEM;
327
328	rc = key_type_keyring.read(keyring, (char *)key_array, keyring_payload_len);
329	if (rc != keyring_payload_len) {
330	pr_dbf_msg("Couldn't read keyring payload");
331	goto out;
332	}
333
334	for (key_index = `0`; key_index < num_keys; key_index++) {
335	current_key = key_lookup(id: key_array[key_index]);
336	pr_dbf_msg("Invalidating key %08x", current_key->serial);
337
338	key_invalidate(key: current_key);
339	key_put(key: current_key);
340	rc = key_unlink(keyring, key: current_key);
341	if (rc) {
342	pr_dbf_msg("Couldn't unlink key %08x: %d", current_key->serial, rc);
343	break;
344	}
345	}
346	out:
347	kfree(objp: key_array);
348	return rc;
349	}
350
351	static struct key find_cs_keyring(void*)
352	{
353	key_ref_t cs_keyring_ref;
354	struct key *cs_keyring;
355
356	cs_keyring_ref = keyring_search(keyring: make_key_ref(key: get_user_session_keyring(), possession: true),
357	type: &key_type_keyring, CERT_STORE_KEYRING_NAME,
358	recurse: false);
359	if (!IS_ERR(ptr: cs_keyring_ref)) {
360	cs_keyring = key_ref_to_ptr(key_ref: cs_keyring_ref);
361	key_ref_put(key_ref: cs_keyring_ref);
362	goto found;
363	}
364	/ Search default locations: thread, process, session keyrings /
365	cs_keyring = request_key(type: &key_type_keyring, CERT_STORE_KEYRING_NAME, NULL);
366	if (IS_ERR(ptr: cs_keyring))
367	return NULL;
368	key_put(key: cs_keyring);
369	found:
370	return cs_keyring;
371	}
372
373	static void cleanup_cs_keys(void)
374	{
375	struct key *cs_keyring;
376
377	cs_keyring = find_cs_keyring();
378	if (!cs_keyring)
379	return;
380
381	pr_dbf_msg("Found cert_store keyring. Purging...");
382	/*
383	* Remove cert_store_key_type in case invalidation
384	* of old cert_store keys failed (= severe error).
385	*/
386	if (invalidate_keyring_keys(keyring: cs_keyring))
387	unregister_key_type(ktype: &key_type_cert_store_key);
388
389	keyring_clear(keyring: cs_keyring);
390	key_invalidate(key: cs_keyring);
391	key_put(key: cs_keyring);
392	key_unlink(keyring: get_user_session_keyring(), key: cs_keyring);
393	}
394
395	static struct key create_cs_keyring(void*)
396	{
397	static struct key *cs_keyring;
398
399	/ Cleanup previous cs_keyring and all associated keys if any. /
400	cleanup_cs_keys();
401	cs_keyring = keyring_alloc(CERT_STORE_KEYRING_NAME, GLOBAL_ROOT_UID,
402	GLOBAL_ROOT_GID, current_cred(),
403	perm: (KEY_POS_ALL & ~KEY_POS_SETATTR) \| KEY_USR_VIEW \| KEY_USR_READ,
404	KEY_ALLOC_NOT_IN_QUOTA \| KEY_ALLOC_SET_KEEP,
405	NULL, dest: get_user_session_keyring());
406	if (IS_ERR(cs_keyring)) {
407	pr_dbf_msg("Can't allocate cert_store keyring");
408	return NULL;
409	}
410
411	pr_dbf_msg("Successfully allocated cert_store keyring: %08x", cs_keyring->serial);
412
413	/*
414	* In case a previous clean-up ran into an
415	* error and unregistered key type.
416	*/
417	register_key_type(&key_type_cert_store_key);
418
419	return cs_keyring;
420	}
421
422	/*
423	* Allocate memory and create key description in format
424	* [key name in EBCDIC]:[VCE index]:[CS token].
425	* Return a pointer to key description or NULL if memory
426	* allocation failed. Memory should be freed by caller.
427	*/
428	static char get_key_description(struct* vcssb vcssb, const* struct vce *vce)
429	{
430	size_t len, name_len;
431	u32 cs_token;
432	char *desc;
433
434	cs_token = vcssb->cs_token;
435	/ Description string contains "%64s:%05u:%010u\0". /
436	name_len = sizeof(vce->vce_hdr.vc_name);
437	len = name_len + `1` + `5` + `1` + `10` + `1`;
438	desc = kmalloc(size: len, GFP_KERNEL);
439	if (!desc)
440	return NULL;
441
442	memcpy(desc, vce->vce_hdr.vc_name, name_len);
443	snprintf(buf: desc + name_len, size: len - name_len, fmt: ":%05u:%010u",
444	vce->vce_hdr.vc_index, cs_token);
445
446	return desc;
447	}
448
449	/*
450	* Create a key of type "cert_store_key" using the data from VCE for key
451	* payload and key description. Link the key to "cert_store" keyring.
452	*/
453	static int create_key_from_vce(struct vcssb vcssb, struct* vce *vce,
454	struct key *keyring)
455	{
456	key_ref_t newkey;
457	char *desc;
458	int rc;
459
460	desc = get_key_description(vcssb, vce);
461	if (!desc)
462	return -ENOMEM;
463
464	newkey = key_create_or_update(
465	keyring: make_key_ref(key: keyring, possession: true), CERT_STORE_KEY_TYPE_NAME,
466	description: desc, payload: (u8 *)vce + vce->vce_hdr.vc_offset,
467	plen: vce->vce_hdr.vc_length,
468	perm: (KEY_POS_ALL & ~KEY_POS_SETATTR) \| KEY_USR_VIEW \| KEY_USR_READ,
469	KEY_ALLOC_NOT_IN_QUOTA);
470
471	rc = PTR_ERR_OR_ZERO(ptr: newkey);
472	if (rc) {
473	pr_dbf_msg("Couldn't create a key from Certificate Entry (%d)", rc);
474	rc = -ENOKEY;
475	goto out;
476	}
477
478	key_ref_put(key_ref: newkey);
479	out:
480	kfree(objp: desc);
481	return rc;
482	}
483
484	/ Get Verification Certificate Storage Size block with DIAG320 subcode2. /
485	static int get_vcssb(struct vcssb *vcssb)
486	{
487	int diag320_rc;
488
489	memset(vcssb, `0`, sizeof(*vcssb));
490	vcssb->vcssb_length = VCSSB_LEN_BYTES;
491	diag320_rc = diag320(subcode: DIAG320_STORAGE, addr: vcssb);
492	pr_dbf_vcssb(s: vcssb);
493
494	if (diag320_rc != DIAG320_RC_OK) {
495	pr_dbf_msg("Diag 320 Subcode 1 returned bad RC: %04x", diag320_rc);
496	return -EIO;
497	}
498	if (vcssb->vcssb_length == VCSSB_LEN_NO_CERTS) {
499	pr_dbf_msg("No certificates available for current configuration");
500	return -ENOKEY;
501	}
502
503	return `0`;
504	}
505
506	static u32 get_4k_mult_vcb_size(struct vcssb *vcssb)
507	{
508	return round_up(vcssb->max_single_vcb_length, PAGE_SIZE);
509	}
510
511	/ Fill input fields of single-entry VCB that will be read by LPAR. /
512	static void fill_vcb_input(struct vcssb vcssb, struct* vcb *vcb, u16 index)
513	{
514	memset(vcb, `0`, sizeof(*vcb));
515	vcb->vcb_hdr.vcb_input_length = get_4k_mult_vcb_size(vcssb);
516	vcb->vcb_hdr.cs_token = vcssb->cs_token;
517
518	/ Request single entry. /
519	vcb->vcb_hdr.first_vc_index = index;
520	vcb->vcb_hdr.last_vc_index = index;
521	}
522
523	static void extract_vce_from_sevcb(struct vcb vcb, struct* vce *vce)
524	{
525	struct vce *extracted_vce;
526
527	extracted_vce = (struct vce *)vcb->vcb_buf;
528	memcpy(vce, vcb->vcb_buf, extracted_vce->vce_hdr.vce_length);
529	pr_dbf_vce(e: vce);
530	}
531
532	static int get_sevcb(struct vcssb vcssb, u16 index, struct* vcb *vcb)
533	{
534	int rc, diag320_rc;
535
536	fill_vcb_input(vcssb, vcb, index);
537
538	diag320_rc = diag320(subcode: DIAG320_CERT_BLOCK, addr: vcb);
539	pr_dbf_msg("Diag 320 Subcode2 RC %2x", diag320_rc);
540	pr_dbf_vcb(b: vcb);
541
542	switch (diag320_rc) {
543	case DIAG320_RC_OK:
544	rc = `0`;
545	if (vcb->vcb_hdr.vcb_output_length == VCB_LEN_NO_CERTS) {
546	pr_dbf_msg("No certificate entry for index %u", index);
547	rc = -ENOKEY;
548	} else if (vcb->vcb_hdr.remaining_vc_count != `0`) {
549	/ Retry on insufficient space. /
550	pr_dbf_msg("Couldn't get all requested certificates");
551	rc = -EAGAIN;
552	}
553	break;
554	case DIAG320_RC_CS_NOMATCH:
555	pr_dbf_msg("Certificate Store token mismatch");
556	rc = -EAGAIN;
557	break;
558	default:
559	pr_dbf_msg("Diag 320 Subcode2 returned bad rc (0x%4x)", diag320_rc);
560	rc = -EINVAL;
561	break;
562	}
563
564	return rc;
565	}
566
567	/*
568	* Allocate memory for single-entry VCB, get VCB via DIAG320 subcode 2 call,
569	* extract VCE and create a key from its' certificate.
570	*/
571	static int create_key_from_sevcb(struct vcssb *vcssb, u16 index,
572	struct key *keyring)
573	{
574	struct vcb *vcb;
575	struct vce *vce;
576	int rc;
577
578	rc = -ENOMEM;
579	vcb = vmalloc(get_4k_mult_vcb_size(vcssb));
580	vce = vmalloc(vcssb->max_single_vcb_length - sizeof(vcb->vcb_hdr));
581	if (!vcb \|\| !vce)
582	goto out;
583
584	rc = get_sevcb(vcssb, index, vcb);
585	if (rc)
586	goto out;
587
588	extract_vce_from_sevcb(vcb, vce);
589	rc = check_certificate_valid(vce);
590	if (rc)
591	goto out;
592
593	rc = create_key_from_vce(vcssb, vce, keyring);
594	if (rc)
595	goto out;
596
597	pr_dbf_msg("Successfully created key from Certificate Entry %d", index);
598	out:
599	vfree(vce);
600	vfree(vcb);
601	return rc;
602	}
603
604	/*
605	* Request a single-entry VCB for each VCE available for the partition.
606	* Create a key from it and link it to cert_store keyring. If no keys
607	* could be created (i.e. VCEs were invalid) return -ENOKEY.
608	*/
609	static int add_certificates_to_keyring(struct vcssb vcssb, struct* key *keyring)
610	{
611	int rc, index, count, added;
612
613	count = `0`;
614	added = `0`;
615	/ Certificate Store entries indices start with 1 and have no gaps. /
616	for (index = `1`; index < vcssb->total_vc_index_count + `1`; index++) {
617	pr_dbf_msg("Creating key from VCE %u", index);
618	rc = create_key_from_sevcb(vcssb, index, keyring);
619	count++;
620
621	if (rc == -EAGAIN)
622	return rc;
623
624	if (rc)
625	pr_dbf_msg("Creating key from VCE %u failed (%d)", index, rc);
626	else
627	added++;
628	}
629
630	if (added == `0`) {
631	pr_dbf_msg("Processed %d entries. No keys created", count);
632	return -ENOKEY;
633	}
634
635	pr_info("Added %d of %d keys to cert_store keyring", added, count);
636
637	/*
638	* Do not allow to link more keys to certificate store keyring after all
639	* the VCEs were processed.
640	*/
641	rc = keyring_restrict(keyring: make_key_ref(key: keyring, possession: true), NULL, NULL);
642	if (rc)
643	pr_dbf_msg("Failed to set restriction to cert_store keyring (%d)", rc);
644
645	return `0`;
646	}
647
648	/*
649	* Check which DIAG320 subcodes are installed.
650	* Return -ENOENT if subcodes 1 or 2 are not available.
651	*/
652	static int query_diag320_subcodes(void)
653	{
654	unsigned long ism[ISM_LEN_DWORDS];
655	int rc;
656
657	rc = diag320(subcode: `0`, addr: ism);
658	if (rc != DIAG320_RC_OK) {
659	pr_dbf_msg("DIAG320 subcode query returned %04x", rc);
660	return -ENOENT;
661	}
662
663	debug_text_event(cert_store_hexdump, `3`, "DIAG320 Subcode 0");
664	debug_event(cert_store_hexdump, `3`, ism, sizeof(ism));
665
666	if (!test_bit_inv(`1`, ism) \|\| !test_bit_inv(`2`, ism)) {
667	pr_dbf_msg("Not all required DIAG320 subcodes are installed");
668	return -ENOENT;
669	}
670
671	return `0`;
672	}
673
674	/*
675	* Check if Certificate Store is supported by the firmware and DIAG320 subcodes
676	* 1 and 2 are installed. Create cert_store keyring and link all certificates
677	* available for the current partition to it as "cert_store_key" type
678	* keys. On refresh or error invalidate cert_store keyring and destroy
679	* all keys of "cert_store_key" type.
680	*/
681	static int fill_cs_keyring(void)
682	{
683	struct key *cs_keyring;
684	struct vcssb *vcssb;
685	int rc;
686
687	rc = -ENOMEM;
688	vcssb = kmalloc(VCSSB_LEN_BYTES, GFP_KERNEL);
689	if (!vcssb)
690	goto cleanup_keys;
691
692	rc = -ENOENT;
693	if (!sclp.has_diag320) {
694	pr_dbf_msg("Certificate Store is not supported");
695	goto cleanup_keys;
696	}
697
698	rc = query_diag320_subcodes();
699	if (rc)
700	goto cleanup_keys;
701
702	rc = get_vcssb(vcssb);
703	if (rc)
704	goto cleanup_keys;
705
706	rc = -ENOMEM;
707	cs_keyring = create_cs_keyring();
708	if (!cs_keyring)
709	goto cleanup_keys;
710
711	rc = add_certificates_to_keyring(vcssb, keyring: cs_keyring);
712	if (rc)
713	goto cleanup_cs_keyring;
714
715	goto out;
716
717	cleanup_cs_keyring:
718	key_put(key: cs_keyring);
719	cleanup_keys:
720	cleanup_cs_keys();
721	out:
722	kfree(objp: vcssb);
723	return rc;
724	}
725
726	static DEFINE_MUTEX(cs_refresh_lock);
727	static int cs_status_val = -`1`;
728
729	static ssize_t cs_status_show(struct kobject *kobj,
730	struct kobj_attribute attr, char* *buf)
731	{
732	if (cs_status_val == -`1`)
733	return sysfs_emit(buf, fmt: "uninitialized\n");
734	else if (cs_status_val == `0`)
735	return sysfs_emit(buf, fmt: "ok\n");
736
737	return sysfs_emit(buf, fmt: "failed (%d)\n", cs_status_val);
738	}
739
740	static struct kobj_attribute cs_status_attr = __ATTR_RO(cs_status);
741
742	static ssize_t refresh_store(struct kobject kobj, struct* kobj_attribute *attr,
743	const char *buf, size_t count)
744	{
745	int rc, retries;
746
747	pr_dbf_msg("Refresh certificate store information requested");
748	rc = mutex_lock_interruptible(&cs_refresh_lock);
749	if (rc)
750	return rc;
751
752	for (retries = `0`; retries < DIAG_MAX_RETRIES; retries++) {
753	/ Request certificates from certificate store. /
754	rc = fill_cs_keyring();
755	if (rc)
756	pr_dbf_msg("Failed to refresh certificate store information (%d)", rc);
757	if (rc != -EAGAIN)
758	break;
759	}
760	cs_status_val = rc;
761	mutex_unlock(lock: &cs_refresh_lock);
762
763	return rc ?: count;
764	}
765
766	static struct kobj_attribute refresh_attr = __ATTR_WO(refresh);
767
768	static const struct attribute *cert_store_attrs[] __initconst = {
769	&cs_status_attr.attr,
770	&refresh_attr.attr,
771	NULL,
772	};
773
774	static struct kobject *cert_store_kobj;
775
776	static int __init cert_store_init(void)
777	{
778	int rc = -ENOMEM;
779
780	cert_store_dbf = debug_register("cert_store_msg", `10`, `1`, `64`);
781	if (!cert_store_dbf)
782	goto cleanup_dbf;
783
784	cert_store_hexdump = debug_register("cert_store_hexdump", `3`, `1`, `128`);
785	if (!cert_store_hexdump)
786	goto cleanup_dbf;
787
788	debug_register_view(cert_store_hexdump, &debug_hex_ascii_view);
789	debug_register_view(cert_store_dbf, &debug_sprintf_view);
790
791	/ Create directory /sys/firmware/cert_store. /
792	cert_store_kobj = kobject_create_and_add(name: "cert_store", parent: firmware_kobj);
793	if (!cert_store_kobj)
794	goto cleanup_dbf;
795
796	rc = sysfs_create_files(kobj: cert_store_kobj, attr: cert_store_attrs);
797	if (rc)
798	goto cleanup_kobj;
799
800	register_key_type(ktype: &key_type_cert_store_key);
801
802	return rc;
803
804	cleanup_kobj:
805	kobject_put(kobj: cert_store_kobj);
806	cleanup_dbf:
807	debug_unregister(cert_store_dbf);
808	debug_unregister(cert_store_hexdump);
809
810	return rc;
811	}
812	device_initcall(cert_store_init);
813

source code of linux/arch/s390/kernel/cert_store.c