1 | // SPDX-License-Identifier: GPL-2.0+ |
2 | /* |
3 | * Copyright IBM Corp. 2001, 2018 |
4 | * Author(s): Robert Burroughs |
5 | * Eric Rossman (edrossma@us.ibm.com) |
6 | * Cornelia Huck <cornelia.huck@de.ibm.com> |
7 | * |
8 | * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com) |
9 | * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com> |
10 | * Ralph Wuerthner <rwuerthn@de.ibm.com> |
11 | * MSGTYPE restruct: Holger Dengler <hd@linux.vnet.ibm.com> |
12 | * Multiple device nodes: Harald Freudenberger <freude@linux.ibm.com> |
13 | */ |
14 | |
15 | #include <linux/module.h> |
16 | #include <linux/init.h> |
17 | #include <linux/interrupt.h> |
18 | #include <linux/miscdevice.h> |
19 | #include <linux/fs.h> |
20 | #include <linux/compat.h> |
21 | #include <linux/slab.h> |
22 | #include <linux/atomic.h> |
23 | #include <linux/uaccess.h> |
24 | #include <linux/hw_random.h> |
25 | #include <linux/debugfs.h> |
26 | #include <linux/cdev.h> |
27 | #include <linux/ctype.h> |
28 | #include <linux/capability.h> |
29 | #include <asm/debug.h> |
30 | |
31 | #define CREATE_TRACE_POINTS |
32 | #include <asm/trace/zcrypt.h> |
33 | |
34 | #include "zcrypt_api.h" |
35 | #include "zcrypt_debug.h" |
36 | |
37 | #include "zcrypt_msgtype6.h" |
38 | #include "zcrypt_msgtype50.h" |
39 | #include "zcrypt_ccamisc.h" |
40 | #include "zcrypt_ep11misc.h" |
41 | |
42 | /* |
43 | * Module description. |
44 | */ |
45 | MODULE_AUTHOR("IBM Corporation" ); |
46 | MODULE_DESCRIPTION("Cryptographic Coprocessor interface, " \ |
47 | "Copyright IBM Corp. 2001, 2012" ); |
48 | MODULE_LICENSE("GPL" ); |
49 | |
50 | /* |
51 | * zcrypt tracepoint functions |
52 | */ |
53 | EXPORT_TRACEPOINT_SYMBOL(s390_zcrypt_req); |
54 | EXPORT_TRACEPOINT_SYMBOL(s390_zcrypt_rep); |
55 | |
56 | DEFINE_SPINLOCK(zcrypt_list_lock); |
57 | LIST_HEAD(zcrypt_card_list); |
58 | |
59 | static atomic_t zcrypt_open_count = ATOMIC_INIT(0); |
60 | static atomic_t zcrypt_rescan_count = ATOMIC_INIT(0); |
61 | |
62 | atomic_t zcrypt_rescan_req = ATOMIC_INIT(0); |
63 | EXPORT_SYMBOL(zcrypt_rescan_req); |
64 | |
65 | static LIST_HEAD(zcrypt_ops_list); |
66 | |
67 | /* Zcrypt related debug feature stuff. */ |
68 | debug_info_t *zcrypt_dbf_info; |
69 | |
70 | /* |
71 | * Process a rescan of the transport layer. |
72 | * |
73 | * Returns 1, if the rescan has been processed, otherwise 0. |
74 | */ |
75 | static inline int zcrypt_process_rescan(void) |
76 | { |
77 | if (atomic_read(v: &zcrypt_rescan_req)) { |
78 | atomic_set(v: &zcrypt_rescan_req, i: 0); |
79 | atomic_inc(v: &zcrypt_rescan_count); |
80 | ap_bus_force_rescan(); |
81 | ZCRYPT_DBF_INFO("%s rescan count=%07d\n" , __func__, |
82 | atomic_inc_return(&zcrypt_rescan_count)); |
83 | return 1; |
84 | } |
85 | return 0; |
86 | } |
87 | |
88 | void zcrypt_msgtype_register(struct zcrypt_ops *zops) |
89 | { |
90 | list_add_tail(new: &zops->list, head: &zcrypt_ops_list); |
91 | } |
92 | |
93 | void zcrypt_msgtype_unregister(struct zcrypt_ops *zops) |
94 | { |
95 | list_del_init(entry: &zops->list); |
96 | } |
97 | |
98 | struct zcrypt_ops *zcrypt_msgtype(unsigned char *name, int variant) |
99 | { |
100 | struct zcrypt_ops *zops; |
101 | |
102 | list_for_each_entry(zops, &zcrypt_ops_list, list) |
103 | if (zops->variant == variant && |
104 | (!strncmp(zops->name, name, sizeof(zops->name)))) |
105 | return zops; |
106 | return NULL; |
107 | } |
108 | EXPORT_SYMBOL(zcrypt_msgtype); |
109 | |
110 | /* |
111 | * Multi device nodes extension functions. |
112 | */ |
113 | |
114 | struct zcdn_device; |
115 | |
116 | static struct class *zcrypt_class; |
117 | static dev_t zcrypt_devt; |
118 | static struct cdev zcrypt_cdev; |
119 | |
120 | struct zcdn_device { |
121 | struct device device; |
122 | struct ap_perms perms; |
123 | }; |
124 | |
125 | #define to_zcdn_dev(x) container_of((x), struct zcdn_device, device) |
126 | |
127 | #define ZCDN_MAX_NAME 32 |
128 | |
129 | static int zcdn_create(const char *name); |
130 | static int zcdn_destroy(const char *name); |
131 | |
132 | /* |
133 | * Find zcdn device by name. |
134 | * Returns reference to the zcdn device which needs to be released |
135 | * with put_device() after use. |
136 | */ |
137 | static inline struct zcdn_device *find_zcdndev_by_name(const char *name) |
138 | { |
139 | struct device *dev = class_find_device_by_name(class: zcrypt_class, name); |
140 | |
141 | return dev ? to_zcdn_dev(dev) : NULL; |
142 | } |
143 | |
144 | /* |
145 | * Find zcdn device by devt value. |
146 | * Returns reference to the zcdn device which needs to be released |
147 | * with put_device() after use. |
148 | */ |
149 | static inline struct zcdn_device *find_zcdndev_by_devt(dev_t devt) |
150 | { |
151 | struct device *dev = class_find_device_by_devt(class: zcrypt_class, devt); |
152 | |
153 | return dev ? to_zcdn_dev(dev) : NULL; |
154 | } |
155 | |
156 | static ssize_t ioctlmask_show(struct device *dev, |
157 | struct device_attribute *attr, |
158 | char *buf) |
159 | { |
160 | struct zcdn_device *zcdndev = to_zcdn_dev(dev); |
161 | int i, n; |
162 | |
163 | if (mutex_lock_interruptible(&ap_perms_mutex)) |
164 | return -ERESTARTSYS; |
165 | |
166 | n = sysfs_emit(buf, fmt: "0x" ); |
167 | for (i = 0; i < sizeof(zcdndev->perms.ioctlm) / sizeof(long); i++) |
168 | n += sysfs_emit_at(buf, at: n, fmt: "%016lx" , zcdndev->perms.ioctlm[i]); |
169 | n += sysfs_emit_at(buf, at: n, fmt: "\n" ); |
170 | |
171 | mutex_unlock(lock: &ap_perms_mutex); |
172 | |
173 | return n; |
174 | } |
175 | |
176 | static ssize_t ioctlmask_store(struct device *dev, |
177 | struct device_attribute *attr, |
178 | const char *buf, size_t count) |
179 | { |
180 | int rc; |
181 | struct zcdn_device *zcdndev = to_zcdn_dev(dev); |
182 | |
183 | rc = ap_parse_mask_str(str: buf, bitmap: zcdndev->perms.ioctlm, |
184 | AP_IOCTLS, lock: &ap_perms_mutex); |
185 | if (rc) |
186 | return rc; |
187 | |
188 | return count; |
189 | } |
190 | |
191 | static DEVICE_ATTR_RW(ioctlmask); |
192 | |
193 | static ssize_t apmask_show(struct device *dev, |
194 | struct device_attribute *attr, |
195 | char *buf) |
196 | { |
197 | struct zcdn_device *zcdndev = to_zcdn_dev(dev); |
198 | int i, n; |
199 | |
200 | if (mutex_lock_interruptible(&ap_perms_mutex)) |
201 | return -ERESTARTSYS; |
202 | |
203 | n = sysfs_emit(buf, fmt: "0x" ); |
204 | for (i = 0; i < sizeof(zcdndev->perms.apm) / sizeof(long); i++) |
205 | n += sysfs_emit_at(buf, at: n, fmt: "%016lx" , zcdndev->perms.apm[i]); |
206 | n += sysfs_emit_at(buf, at: n, fmt: "\n" ); |
207 | |
208 | mutex_unlock(lock: &ap_perms_mutex); |
209 | |
210 | return n; |
211 | } |
212 | |
213 | static ssize_t apmask_store(struct device *dev, |
214 | struct device_attribute *attr, |
215 | const char *buf, size_t count) |
216 | { |
217 | int rc; |
218 | struct zcdn_device *zcdndev = to_zcdn_dev(dev); |
219 | |
220 | rc = ap_parse_mask_str(str: buf, bitmap: zcdndev->perms.apm, |
221 | AP_DEVICES, lock: &ap_perms_mutex); |
222 | if (rc) |
223 | return rc; |
224 | |
225 | return count; |
226 | } |
227 | |
228 | static DEVICE_ATTR_RW(apmask); |
229 | |
230 | static ssize_t aqmask_show(struct device *dev, |
231 | struct device_attribute *attr, |
232 | char *buf) |
233 | { |
234 | struct zcdn_device *zcdndev = to_zcdn_dev(dev); |
235 | int i, n; |
236 | |
237 | if (mutex_lock_interruptible(&ap_perms_mutex)) |
238 | return -ERESTARTSYS; |
239 | |
240 | n = sysfs_emit(buf, fmt: "0x" ); |
241 | for (i = 0; i < sizeof(zcdndev->perms.aqm) / sizeof(long); i++) |
242 | n += sysfs_emit_at(buf, at: n, fmt: "%016lx" , zcdndev->perms.aqm[i]); |
243 | n += sysfs_emit_at(buf, at: n, fmt: "\n" ); |
244 | |
245 | mutex_unlock(lock: &ap_perms_mutex); |
246 | |
247 | return n; |
248 | } |
249 | |
250 | static ssize_t aqmask_store(struct device *dev, |
251 | struct device_attribute *attr, |
252 | const char *buf, size_t count) |
253 | { |
254 | int rc; |
255 | struct zcdn_device *zcdndev = to_zcdn_dev(dev); |
256 | |
257 | rc = ap_parse_mask_str(str: buf, bitmap: zcdndev->perms.aqm, |
258 | AP_DOMAINS, lock: &ap_perms_mutex); |
259 | if (rc) |
260 | return rc; |
261 | |
262 | return count; |
263 | } |
264 | |
265 | static DEVICE_ATTR_RW(aqmask); |
266 | |
267 | static ssize_t admask_show(struct device *dev, |
268 | struct device_attribute *attr, |
269 | char *buf) |
270 | { |
271 | struct zcdn_device *zcdndev = to_zcdn_dev(dev); |
272 | int i, n; |
273 | |
274 | if (mutex_lock_interruptible(&ap_perms_mutex)) |
275 | return -ERESTARTSYS; |
276 | |
277 | n = sysfs_emit(buf, fmt: "0x" ); |
278 | for (i = 0; i < sizeof(zcdndev->perms.adm) / sizeof(long); i++) |
279 | n += sysfs_emit_at(buf, at: n, fmt: "%016lx" , zcdndev->perms.adm[i]); |
280 | n += sysfs_emit_at(buf, at: n, fmt: "\n" ); |
281 | |
282 | mutex_unlock(lock: &ap_perms_mutex); |
283 | |
284 | return n; |
285 | } |
286 | |
287 | static ssize_t admask_store(struct device *dev, |
288 | struct device_attribute *attr, |
289 | const char *buf, size_t count) |
290 | { |
291 | int rc; |
292 | struct zcdn_device *zcdndev = to_zcdn_dev(dev); |
293 | |
294 | rc = ap_parse_mask_str(str: buf, bitmap: zcdndev->perms.adm, |
295 | AP_DOMAINS, lock: &ap_perms_mutex); |
296 | if (rc) |
297 | return rc; |
298 | |
299 | return count; |
300 | } |
301 | |
302 | static DEVICE_ATTR_RW(admask); |
303 | |
304 | static struct attribute *zcdn_dev_attrs[] = { |
305 | &dev_attr_ioctlmask.attr, |
306 | &dev_attr_apmask.attr, |
307 | &dev_attr_aqmask.attr, |
308 | &dev_attr_admask.attr, |
309 | NULL |
310 | }; |
311 | |
312 | static struct attribute_group zcdn_dev_attr_group = { |
313 | .attrs = zcdn_dev_attrs |
314 | }; |
315 | |
316 | static const struct attribute_group *zcdn_dev_attr_groups[] = { |
317 | &zcdn_dev_attr_group, |
318 | NULL |
319 | }; |
320 | |
321 | static ssize_t zcdn_create_store(const struct class *class, |
322 | const struct class_attribute *attr, |
323 | const char *buf, size_t count) |
324 | { |
325 | int rc; |
326 | char name[ZCDN_MAX_NAME]; |
327 | |
328 | strscpy(p: name, q: skip_spaces(buf), size: sizeof(name)); |
329 | |
330 | rc = zcdn_create(name: strim(name)); |
331 | |
332 | return rc ? rc : count; |
333 | } |
334 | |
335 | static const struct class_attribute class_attr_zcdn_create = |
336 | __ATTR(create, 0600, NULL, zcdn_create_store); |
337 | |
338 | static ssize_t zcdn_destroy_store(const struct class *class, |
339 | const struct class_attribute *attr, |
340 | const char *buf, size_t count) |
341 | { |
342 | int rc; |
343 | char name[ZCDN_MAX_NAME]; |
344 | |
345 | strscpy(p: name, q: skip_spaces(buf), size: sizeof(name)); |
346 | |
347 | rc = zcdn_destroy(name: strim(name)); |
348 | |
349 | return rc ? rc : count; |
350 | } |
351 | |
352 | static const struct class_attribute class_attr_zcdn_destroy = |
353 | __ATTR(destroy, 0600, NULL, zcdn_destroy_store); |
354 | |
355 | static void zcdn_device_release(struct device *dev) |
356 | { |
357 | struct zcdn_device *zcdndev = to_zcdn_dev(dev); |
358 | |
359 | ZCRYPT_DBF_INFO("%s releasing zcdn device %d:%d\n" , |
360 | __func__, MAJOR(dev->devt), MINOR(dev->devt)); |
361 | |
362 | kfree(objp: zcdndev); |
363 | } |
364 | |
365 | static int zcdn_create(const char *name) |
366 | { |
367 | dev_t devt; |
368 | int i, rc = 0; |
369 | struct zcdn_device *zcdndev; |
370 | |
371 | if (mutex_lock_interruptible(&ap_perms_mutex)) |
372 | return -ERESTARTSYS; |
373 | |
374 | /* check if device node with this name already exists */ |
375 | if (name[0]) { |
376 | zcdndev = find_zcdndev_by_name(name); |
377 | if (zcdndev) { |
378 | put_device(dev: &zcdndev->device); |
379 | rc = -EEXIST; |
380 | goto unlockout; |
381 | } |
382 | } |
383 | |
384 | /* find an unused minor number */ |
385 | for (i = 0; i < ZCRYPT_MAX_MINOR_NODES; i++) { |
386 | devt = MKDEV(MAJOR(zcrypt_devt), MINOR(zcrypt_devt) + i); |
387 | zcdndev = find_zcdndev_by_devt(devt); |
388 | if (zcdndev) |
389 | put_device(dev: &zcdndev->device); |
390 | else |
391 | break; |
392 | } |
393 | if (i == ZCRYPT_MAX_MINOR_NODES) { |
394 | rc = -ENOSPC; |
395 | goto unlockout; |
396 | } |
397 | |
398 | /* alloc and prepare a new zcdn device */ |
399 | zcdndev = kzalloc(size: sizeof(*zcdndev), GFP_KERNEL); |
400 | if (!zcdndev) { |
401 | rc = -ENOMEM; |
402 | goto unlockout; |
403 | } |
404 | zcdndev->device.release = zcdn_device_release; |
405 | zcdndev->device.class = zcrypt_class; |
406 | zcdndev->device.devt = devt; |
407 | zcdndev->device.groups = zcdn_dev_attr_groups; |
408 | if (name[0]) |
409 | rc = dev_set_name(dev: &zcdndev->device, name: "%s" , name); |
410 | else |
411 | rc = dev_set_name(&zcdndev->device, ZCRYPT_NAME "_%d" , (int)MINOR(devt)); |
412 | if (rc) { |
413 | kfree(objp: zcdndev); |
414 | goto unlockout; |
415 | } |
416 | rc = device_register(dev: &zcdndev->device); |
417 | if (rc) { |
418 | put_device(dev: &zcdndev->device); |
419 | goto unlockout; |
420 | } |
421 | |
422 | ZCRYPT_DBF_INFO("%s created zcdn device %d:%d\n" , |
423 | __func__, MAJOR(devt), MINOR(devt)); |
424 | |
425 | unlockout: |
426 | mutex_unlock(lock: &ap_perms_mutex); |
427 | return rc; |
428 | } |
429 | |
430 | static int zcdn_destroy(const char *name) |
431 | { |
432 | int rc = 0; |
433 | struct zcdn_device *zcdndev; |
434 | |
435 | if (mutex_lock_interruptible(&ap_perms_mutex)) |
436 | return -ERESTARTSYS; |
437 | |
438 | /* try to find this zcdn device */ |
439 | zcdndev = find_zcdndev_by_name(name); |
440 | if (!zcdndev) { |
441 | rc = -ENOENT; |
442 | goto unlockout; |
443 | } |
444 | |
445 | /* |
446 | * The zcdn device is not hard destroyed. It is subject to |
447 | * reference counting and thus just needs to be unregistered. |
448 | */ |
449 | put_device(dev: &zcdndev->device); |
450 | device_unregister(dev: &zcdndev->device); |
451 | |
452 | unlockout: |
453 | mutex_unlock(lock: &ap_perms_mutex); |
454 | return rc; |
455 | } |
456 | |
457 | static void zcdn_destroy_all(void) |
458 | { |
459 | int i; |
460 | dev_t devt; |
461 | struct zcdn_device *zcdndev; |
462 | |
463 | mutex_lock(&ap_perms_mutex); |
464 | for (i = 0; i < ZCRYPT_MAX_MINOR_NODES; i++) { |
465 | devt = MKDEV(MAJOR(zcrypt_devt), MINOR(zcrypt_devt) + i); |
466 | zcdndev = find_zcdndev_by_devt(devt); |
467 | if (zcdndev) { |
468 | put_device(dev: &zcdndev->device); |
469 | device_unregister(dev: &zcdndev->device); |
470 | } |
471 | } |
472 | mutex_unlock(lock: &ap_perms_mutex); |
473 | } |
474 | |
475 | /* |
476 | * zcrypt_read (): Not supported beyond zcrypt 1.3.1. |
477 | * |
478 | * This function is not supported beyond zcrypt 1.3.1. |
479 | */ |
480 | static ssize_t zcrypt_read(struct file *filp, char __user *buf, |
481 | size_t count, loff_t *f_pos) |
482 | { |
483 | return -EPERM; |
484 | } |
485 | |
486 | /* |
487 | * zcrypt_write(): Not allowed. |
488 | * |
489 | * Write is not allowed |
490 | */ |
491 | static ssize_t zcrypt_write(struct file *filp, const char __user *buf, |
492 | size_t count, loff_t *f_pos) |
493 | { |
494 | return -EPERM; |
495 | } |
496 | |
497 | /* |
498 | * zcrypt_open(): Count number of users. |
499 | * |
500 | * Device open function to count number of users. |
501 | */ |
502 | static int zcrypt_open(struct inode *inode, struct file *filp) |
503 | { |
504 | struct ap_perms *perms = &ap_perms; |
505 | |
506 | if (filp->f_inode->i_cdev == &zcrypt_cdev) { |
507 | struct zcdn_device *zcdndev; |
508 | |
509 | if (mutex_lock_interruptible(&ap_perms_mutex)) |
510 | return -ERESTARTSYS; |
511 | zcdndev = find_zcdndev_by_devt(devt: filp->f_inode->i_rdev); |
512 | /* find returns a reference, no get_device() needed */ |
513 | mutex_unlock(lock: &ap_perms_mutex); |
514 | if (zcdndev) |
515 | perms = &zcdndev->perms; |
516 | } |
517 | filp->private_data = (void *)perms; |
518 | |
519 | atomic_inc(v: &zcrypt_open_count); |
520 | return stream_open(inode, filp); |
521 | } |
522 | |
523 | /* |
524 | * zcrypt_release(): Count number of users. |
525 | * |
526 | * Device close function to count number of users. |
527 | */ |
528 | static int zcrypt_release(struct inode *inode, struct file *filp) |
529 | { |
530 | if (filp->f_inode->i_cdev == &zcrypt_cdev) { |
531 | struct zcdn_device *zcdndev; |
532 | |
533 | mutex_lock(&ap_perms_mutex); |
534 | zcdndev = find_zcdndev_by_devt(devt: filp->f_inode->i_rdev); |
535 | mutex_unlock(lock: &ap_perms_mutex); |
536 | if (zcdndev) { |
537 | /* 2 puts here: one for find, one for open */ |
538 | put_device(dev: &zcdndev->device); |
539 | put_device(dev: &zcdndev->device); |
540 | } |
541 | } |
542 | |
543 | atomic_dec(v: &zcrypt_open_count); |
544 | return 0; |
545 | } |
546 | |
547 | static inline int zcrypt_check_ioctl(struct ap_perms *perms, |
548 | unsigned int cmd) |
549 | { |
550 | int rc = -EPERM; |
551 | int ioctlnr = (cmd & _IOC_NRMASK) >> _IOC_NRSHIFT; |
552 | |
553 | if (ioctlnr > 0 && ioctlnr < AP_IOCTLS) { |
554 | if (test_bit_inv(ioctlnr, perms->ioctlm)) |
555 | rc = 0; |
556 | } |
557 | |
558 | if (rc) |
559 | ZCRYPT_DBF_WARN("%s ioctl check failed: ioctlnr=0x%04x rc=%d\n" , |
560 | __func__, ioctlnr, rc); |
561 | |
562 | return rc; |
563 | } |
564 | |
565 | static inline bool zcrypt_check_card(struct ap_perms *perms, int card) |
566 | { |
567 | return test_bit_inv(card, perms->apm) ? true : false; |
568 | } |
569 | |
570 | static inline bool zcrypt_check_queue(struct ap_perms *perms, int queue) |
571 | { |
572 | return test_bit_inv(queue, perms->aqm) ? true : false; |
573 | } |
574 | |
575 | static inline struct zcrypt_queue *zcrypt_pick_queue(struct zcrypt_card *zc, |
576 | struct zcrypt_queue *zq, |
577 | struct module **pmod, |
578 | unsigned int weight) |
579 | { |
580 | if (!zq || !try_module_get(module: zq->queue->ap_dev.device.driver->owner)) |
581 | return NULL; |
582 | zcrypt_queue_get(zq); |
583 | get_device(dev: &zq->queue->ap_dev.device); |
584 | atomic_add(i: weight, v: &zc->load); |
585 | atomic_add(i: weight, v: &zq->load); |
586 | zq->request_count++; |
587 | *pmod = zq->queue->ap_dev.device.driver->owner; |
588 | return zq; |
589 | } |
590 | |
591 | static inline void zcrypt_drop_queue(struct zcrypt_card *zc, |
592 | struct zcrypt_queue *zq, |
593 | struct module *mod, |
594 | unsigned int weight) |
595 | { |
596 | zq->request_count--; |
597 | atomic_sub(i: weight, v: &zc->load); |
598 | atomic_sub(i: weight, v: &zq->load); |
599 | put_device(dev: &zq->queue->ap_dev.device); |
600 | zcrypt_queue_put(zq); |
601 | module_put(module: mod); |
602 | } |
603 | |
604 | static inline bool zcrypt_card_compare(struct zcrypt_card *zc, |
605 | struct zcrypt_card *pref_zc, |
606 | unsigned int weight, |
607 | unsigned int pref_weight) |
608 | { |
609 | if (!pref_zc) |
610 | return true; |
611 | weight += atomic_read(v: &zc->load); |
612 | pref_weight += atomic_read(v: &pref_zc->load); |
613 | if (weight == pref_weight) |
614 | return atomic64_read(v: &zc->card->total_request_count) < |
615 | atomic64_read(v: &pref_zc->card->total_request_count); |
616 | return weight < pref_weight; |
617 | } |
618 | |
619 | static inline bool zcrypt_queue_compare(struct zcrypt_queue *zq, |
620 | struct zcrypt_queue *pref_zq, |
621 | unsigned int weight, |
622 | unsigned int pref_weight) |
623 | { |
624 | if (!pref_zq) |
625 | return true; |
626 | weight += atomic_read(v: &zq->load); |
627 | pref_weight += atomic_read(v: &pref_zq->load); |
628 | if (weight == pref_weight) |
629 | return zq->queue->total_request_count < |
630 | pref_zq->queue->total_request_count; |
631 | return weight < pref_weight; |
632 | } |
633 | |
634 | /* |
635 | * zcrypt ioctls. |
636 | */ |
637 | static long zcrypt_rsa_modexpo(struct ap_perms *perms, |
638 | struct zcrypt_track *tr, |
639 | struct ica_rsa_modexpo *mex) |
640 | { |
641 | struct zcrypt_card *zc, *pref_zc; |
642 | struct zcrypt_queue *zq, *pref_zq; |
643 | struct ap_message ap_msg; |
644 | unsigned int wgt = 0, pref_wgt = 0; |
645 | unsigned int func_code; |
646 | int cpen, qpen, qid = 0, rc = -ENODEV; |
647 | struct module *mod; |
648 | |
649 | trace_s390_zcrypt_req(mex, TP_ICARSAMODEXPO); |
650 | |
651 | ap_init_message(ap_msg: &ap_msg); |
652 | |
653 | if (mex->outputdatalength < mex->inputdatalength) { |
654 | func_code = 0; |
655 | rc = -EINVAL; |
656 | goto out; |
657 | } |
658 | |
659 | /* |
660 | * As long as outputdatalength is big enough, we can set the |
661 | * outputdatalength equal to the inputdatalength, since that is the |
662 | * number of bytes we will copy in any case |
663 | */ |
664 | mex->outputdatalength = mex->inputdatalength; |
665 | |
666 | rc = get_rsa_modex_fc(mex, fc: &func_code); |
667 | if (rc) |
668 | goto out; |
669 | |
670 | pref_zc = NULL; |
671 | pref_zq = NULL; |
672 | spin_lock(lock: &zcrypt_list_lock); |
673 | for_each_zcrypt_card(zc) { |
674 | /* Check for usable accelerator or CCA card */ |
675 | if (!zc->online || !zc->card->config || zc->card->chkstop || |
676 | !(zc->card->functions & 0x18000000)) |
677 | continue; |
678 | /* Check for size limits */ |
679 | if (zc->min_mod_size > mex->inputdatalength || |
680 | zc->max_mod_size < mex->inputdatalength) |
681 | continue; |
682 | /* check if device node has admission for this card */ |
683 | if (!zcrypt_check_card(perms, card: zc->card->id)) |
684 | continue; |
685 | /* get weight index of the card device */ |
686 | wgt = zc->speed_rating[func_code]; |
687 | /* penalty if this msg was previously sent via this card */ |
688 | cpen = (tr && tr->again_counter && tr->last_qid && |
689 | AP_QID_CARD(tr->last_qid) == zc->card->id) ? |
690 | TRACK_AGAIN_CARD_WEIGHT_PENALTY : 0; |
691 | if (!zcrypt_card_compare(zc, pref_zc, weight: wgt + cpen, pref_weight: pref_wgt)) |
692 | continue; |
693 | for_each_zcrypt_queue(zq, zc) { |
694 | /* check if device is usable and eligible */ |
695 | if (!zq->online || !zq->ops->rsa_modexpo || |
696 | !ap_queue_usable(aq: zq->queue)) |
697 | continue; |
698 | /* check if device node has admission for this queue */ |
699 | if (!zcrypt_check_queue(perms, |
700 | queue: AP_QID_QUEUE(zq->queue->qid))) |
701 | continue; |
702 | /* penalty if the msg was previously sent at this qid */ |
703 | qpen = (tr && tr->again_counter && tr->last_qid && |
704 | tr->last_qid == zq->queue->qid) ? |
705 | TRACK_AGAIN_QUEUE_WEIGHT_PENALTY : 0; |
706 | if (!zcrypt_queue_compare(zq, pref_zq, |
707 | weight: wgt + cpen + qpen, pref_weight: pref_wgt)) |
708 | continue; |
709 | pref_zc = zc; |
710 | pref_zq = zq; |
711 | pref_wgt = wgt + cpen + qpen; |
712 | } |
713 | } |
714 | pref_zq = zcrypt_pick_queue(zc: pref_zc, zq: pref_zq, pmod: &mod, weight: wgt); |
715 | spin_unlock(lock: &zcrypt_list_lock); |
716 | |
717 | if (!pref_zq) { |
718 | ZCRYPT_DBF_DBG("%s no matching queue found => ENODEV\n" , |
719 | __func__); |
720 | rc = -ENODEV; |
721 | goto out; |
722 | } |
723 | |
724 | qid = pref_zq->queue->qid; |
725 | rc = pref_zq->ops->rsa_modexpo(pref_zq, mex, &ap_msg); |
726 | |
727 | spin_lock(lock: &zcrypt_list_lock); |
728 | zcrypt_drop_queue(zc: pref_zc, zq: pref_zq, mod, weight: wgt); |
729 | spin_unlock(lock: &zcrypt_list_lock); |
730 | |
731 | out: |
732 | ap_release_message(ap_msg: &ap_msg); |
733 | if (tr) { |
734 | tr->last_rc = rc; |
735 | tr->last_qid = qid; |
736 | } |
737 | trace_s390_zcrypt_rep(mex, func_code, rc, |
738 | AP_QID_CARD(qid), AP_QID_QUEUE(qid)); |
739 | return rc; |
740 | } |
741 | |
742 | static long zcrypt_rsa_crt(struct ap_perms *perms, |
743 | struct zcrypt_track *tr, |
744 | struct ica_rsa_modexpo_crt *crt) |
745 | { |
746 | struct zcrypt_card *zc, *pref_zc; |
747 | struct zcrypt_queue *zq, *pref_zq; |
748 | struct ap_message ap_msg; |
749 | unsigned int wgt = 0, pref_wgt = 0; |
750 | unsigned int func_code; |
751 | int cpen, qpen, qid = 0, rc = -ENODEV; |
752 | struct module *mod; |
753 | |
754 | trace_s390_zcrypt_req(crt, TP_ICARSACRT); |
755 | |
756 | ap_init_message(ap_msg: &ap_msg); |
757 | |
758 | if (crt->outputdatalength < crt->inputdatalength) { |
759 | func_code = 0; |
760 | rc = -EINVAL; |
761 | goto out; |
762 | } |
763 | |
764 | /* |
765 | * As long as outputdatalength is big enough, we can set the |
766 | * outputdatalength equal to the inputdatalength, since that is the |
767 | * number of bytes we will copy in any case |
768 | */ |
769 | crt->outputdatalength = crt->inputdatalength; |
770 | |
771 | rc = get_rsa_crt_fc(crt, fc: &func_code); |
772 | if (rc) |
773 | goto out; |
774 | |
775 | pref_zc = NULL; |
776 | pref_zq = NULL; |
777 | spin_lock(lock: &zcrypt_list_lock); |
778 | for_each_zcrypt_card(zc) { |
779 | /* Check for usable accelerator or CCA card */ |
780 | if (!zc->online || !zc->card->config || zc->card->chkstop || |
781 | !(zc->card->functions & 0x18000000)) |
782 | continue; |
783 | /* Check for size limits */ |
784 | if (zc->min_mod_size > crt->inputdatalength || |
785 | zc->max_mod_size < crt->inputdatalength) |
786 | continue; |
787 | /* check if device node has admission for this card */ |
788 | if (!zcrypt_check_card(perms, card: zc->card->id)) |
789 | continue; |
790 | /* get weight index of the card device */ |
791 | wgt = zc->speed_rating[func_code]; |
792 | /* penalty if this msg was previously sent via this card */ |
793 | cpen = (tr && tr->again_counter && tr->last_qid && |
794 | AP_QID_CARD(tr->last_qid) == zc->card->id) ? |
795 | TRACK_AGAIN_CARD_WEIGHT_PENALTY : 0; |
796 | if (!zcrypt_card_compare(zc, pref_zc, weight: wgt + cpen, pref_weight: pref_wgt)) |
797 | continue; |
798 | for_each_zcrypt_queue(zq, zc) { |
799 | /* check if device is usable and eligible */ |
800 | if (!zq->online || !zq->ops->rsa_modexpo_crt || |
801 | !ap_queue_usable(aq: zq->queue)) |
802 | continue; |
803 | /* check if device node has admission for this queue */ |
804 | if (!zcrypt_check_queue(perms, |
805 | queue: AP_QID_QUEUE(zq->queue->qid))) |
806 | continue; |
807 | /* penalty if the msg was previously sent at this qid */ |
808 | qpen = (tr && tr->again_counter && tr->last_qid && |
809 | tr->last_qid == zq->queue->qid) ? |
810 | TRACK_AGAIN_QUEUE_WEIGHT_PENALTY : 0; |
811 | if (!zcrypt_queue_compare(zq, pref_zq, |
812 | weight: wgt + cpen + qpen, pref_weight: pref_wgt)) |
813 | continue; |
814 | pref_zc = zc; |
815 | pref_zq = zq; |
816 | pref_wgt = wgt + cpen + qpen; |
817 | } |
818 | } |
819 | pref_zq = zcrypt_pick_queue(zc: pref_zc, zq: pref_zq, pmod: &mod, weight: wgt); |
820 | spin_unlock(lock: &zcrypt_list_lock); |
821 | |
822 | if (!pref_zq) { |
823 | ZCRYPT_DBF_DBG("%s no matching queue found => ENODEV\n" , |
824 | __func__); |
825 | rc = -ENODEV; |
826 | goto out; |
827 | } |
828 | |
829 | qid = pref_zq->queue->qid; |
830 | rc = pref_zq->ops->rsa_modexpo_crt(pref_zq, crt, &ap_msg); |
831 | |
832 | spin_lock(lock: &zcrypt_list_lock); |
833 | zcrypt_drop_queue(zc: pref_zc, zq: pref_zq, mod, weight: wgt); |
834 | spin_unlock(lock: &zcrypt_list_lock); |
835 | |
836 | out: |
837 | ap_release_message(ap_msg: &ap_msg); |
838 | if (tr) { |
839 | tr->last_rc = rc; |
840 | tr->last_qid = qid; |
841 | } |
842 | trace_s390_zcrypt_rep(crt, func_code, rc, |
843 | AP_QID_CARD(qid), AP_QID_QUEUE(qid)); |
844 | return rc; |
845 | } |
846 | |
847 | static long _zcrypt_send_cprb(bool userspace, struct ap_perms *perms, |
848 | struct zcrypt_track *tr, |
849 | struct ica_xcRB *xcrb) |
850 | { |
851 | struct zcrypt_card *zc, *pref_zc; |
852 | struct zcrypt_queue *zq, *pref_zq; |
853 | struct ap_message ap_msg; |
854 | unsigned int wgt = 0, pref_wgt = 0; |
855 | unsigned int func_code; |
856 | unsigned short *domain, tdom; |
857 | int cpen, qpen, qid = 0, rc = -ENODEV; |
858 | struct module *mod; |
859 | |
860 | trace_s390_zcrypt_req(xcrb, TB_ZSECSENDCPRB); |
861 | |
862 | xcrb->status = 0; |
863 | ap_init_message(ap_msg: &ap_msg); |
864 | |
865 | rc = prep_cca_ap_msg(userspace, xcrb, ap_msg: &ap_msg, fc: &func_code, dom: &domain); |
866 | if (rc) |
867 | goto out; |
868 | |
869 | tdom = *domain; |
870 | if (perms != &ap_perms && tdom < AP_DOMAINS) { |
871 | if (ap_msg.flags & AP_MSG_FLAG_ADMIN) { |
872 | if (!test_bit_inv(tdom, perms->adm)) { |
873 | rc = -ENODEV; |
874 | goto out; |
875 | } |
876 | } else if ((ap_msg.flags & AP_MSG_FLAG_USAGE) == 0) { |
877 | rc = -EOPNOTSUPP; |
878 | goto out; |
879 | } |
880 | } |
881 | /* |
882 | * If a valid target domain is set and this domain is NOT a usage |
883 | * domain but a control only domain, autoselect target domain. |
884 | */ |
885 | if (tdom < AP_DOMAINS && |
886 | !ap_test_config_usage_domain(domain: tdom) && |
887 | ap_test_config_ctrl_domain(domain: tdom)) |
888 | tdom = AUTOSEL_DOM; |
889 | |
890 | pref_zc = NULL; |
891 | pref_zq = NULL; |
892 | spin_lock(lock: &zcrypt_list_lock); |
893 | for_each_zcrypt_card(zc) { |
894 | /* Check for usable CCA card */ |
895 | if (!zc->online || !zc->card->config || zc->card->chkstop || |
896 | !(zc->card->functions & 0x10000000)) |
897 | continue; |
898 | /* Check for user selected CCA card */ |
899 | if (xcrb->user_defined != AUTOSELECT && |
900 | xcrb->user_defined != zc->card->id) |
901 | continue; |
902 | /* check if request size exceeds card max msg size */ |
903 | if (ap_msg.len > zc->card->maxmsgsize) |
904 | continue; |
905 | /* check if device node has admission for this card */ |
906 | if (!zcrypt_check_card(perms, card: zc->card->id)) |
907 | continue; |
908 | /* get weight index of the card device */ |
909 | wgt = speed_idx_cca(func_code) * zc->speed_rating[SECKEY]; |
910 | /* penalty if this msg was previously sent via this card */ |
911 | cpen = (tr && tr->again_counter && tr->last_qid && |
912 | AP_QID_CARD(tr->last_qid) == zc->card->id) ? |
913 | TRACK_AGAIN_CARD_WEIGHT_PENALTY : 0; |
914 | if (!zcrypt_card_compare(zc, pref_zc, weight: wgt + cpen, pref_weight: pref_wgt)) |
915 | continue; |
916 | for_each_zcrypt_queue(zq, zc) { |
917 | /* check for device usable and eligible */ |
918 | if (!zq->online || !zq->ops->send_cprb || |
919 | !ap_queue_usable(zq->queue) || |
920 | (tdom != AUTOSEL_DOM && |
921 | tdom != AP_QID_QUEUE(zq->queue->qid))) |
922 | continue; |
923 | /* check if device node has admission for this queue */ |
924 | if (!zcrypt_check_queue(perms, |
925 | queue: AP_QID_QUEUE(zq->queue->qid))) |
926 | continue; |
927 | /* penalty if the msg was previously sent at this qid */ |
928 | qpen = (tr && tr->again_counter && tr->last_qid && |
929 | tr->last_qid == zq->queue->qid) ? |
930 | TRACK_AGAIN_QUEUE_WEIGHT_PENALTY : 0; |
931 | if (!zcrypt_queue_compare(zq, pref_zq, |
932 | weight: wgt + cpen + qpen, pref_weight: pref_wgt)) |
933 | continue; |
934 | pref_zc = zc; |
935 | pref_zq = zq; |
936 | pref_wgt = wgt + cpen + qpen; |
937 | } |
938 | } |
939 | pref_zq = zcrypt_pick_queue(zc: pref_zc, zq: pref_zq, pmod: &mod, weight: wgt); |
940 | spin_unlock(lock: &zcrypt_list_lock); |
941 | |
942 | if (!pref_zq) { |
943 | ZCRYPT_DBF_DBG("%s no match for address %02x.%04x => ENODEV\n" , |
944 | __func__, xcrb->user_defined, *domain); |
945 | rc = -ENODEV; |
946 | goto out; |
947 | } |
948 | |
949 | /* in case of auto select, provide the correct domain */ |
950 | qid = pref_zq->queue->qid; |
951 | if (*domain == AUTOSEL_DOM) |
952 | *domain = AP_QID_QUEUE(qid); |
953 | |
954 | rc = pref_zq->ops->send_cprb(userspace, pref_zq, xcrb, &ap_msg); |
955 | |
956 | spin_lock(lock: &zcrypt_list_lock); |
957 | zcrypt_drop_queue(zc: pref_zc, zq: pref_zq, mod, weight: wgt); |
958 | spin_unlock(lock: &zcrypt_list_lock); |
959 | |
960 | out: |
961 | ap_release_message(ap_msg: &ap_msg); |
962 | if (tr) { |
963 | tr->last_rc = rc; |
964 | tr->last_qid = qid; |
965 | } |
966 | trace_s390_zcrypt_rep(xcrb, func_code, rc, |
967 | AP_QID_CARD(qid), AP_QID_QUEUE(qid)); |
968 | return rc; |
969 | } |
970 | |
971 | long zcrypt_send_cprb(struct ica_xcRB *xcrb) |
972 | { |
973 | return _zcrypt_send_cprb(userspace: false, perms: &ap_perms, NULL, xcrb); |
974 | } |
975 | EXPORT_SYMBOL(zcrypt_send_cprb); |
976 | |
977 | static bool is_desired_ep11_card(unsigned int dev_id, |
978 | unsigned short target_num, |
979 | struct ep11_target_dev *targets) |
980 | { |
981 | while (target_num-- > 0) { |
982 | if (targets->ap_id == dev_id || targets->ap_id == AUTOSEL_AP) |
983 | return true; |
984 | targets++; |
985 | } |
986 | return false; |
987 | } |
988 | |
989 | static bool is_desired_ep11_queue(unsigned int dev_qid, |
990 | unsigned short target_num, |
991 | struct ep11_target_dev *targets) |
992 | { |
993 | int card = AP_QID_CARD(dev_qid), dom = AP_QID_QUEUE(dev_qid); |
994 | |
995 | while (target_num-- > 0) { |
996 | if ((targets->ap_id == card || targets->ap_id == AUTOSEL_AP) && |
997 | (targets->dom_id == dom || targets->dom_id == AUTOSEL_DOM)) |
998 | return true; |
999 | targets++; |
1000 | } |
1001 | return false; |
1002 | } |
1003 | |
1004 | static long _zcrypt_send_ep11_cprb(bool userspace, struct ap_perms *perms, |
1005 | struct zcrypt_track *tr, |
1006 | struct ep11_urb *xcrb) |
1007 | { |
1008 | struct zcrypt_card *zc, *pref_zc; |
1009 | struct zcrypt_queue *zq, *pref_zq; |
1010 | struct ep11_target_dev *targets; |
1011 | unsigned short target_num; |
1012 | unsigned int wgt = 0, pref_wgt = 0; |
1013 | unsigned int func_code, domain; |
1014 | struct ap_message ap_msg; |
1015 | int cpen, qpen, qid = 0, rc = -ENODEV; |
1016 | struct module *mod; |
1017 | |
1018 | trace_s390_zcrypt_req(xcrb, TP_ZSENDEP11CPRB); |
1019 | |
1020 | ap_init_message(ap_msg: &ap_msg); |
1021 | |
1022 | target_num = (unsigned short)xcrb->targets_num; |
1023 | |
1024 | /* empty list indicates autoselect (all available targets) */ |
1025 | targets = NULL; |
1026 | if (target_num != 0) { |
1027 | struct ep11_target_dev __user *uptr; |
1028 | |
1029 | targets = kcalloc(target_num, sizeof(*targets), GFP_KERNEL); |
1030 | if (!targets) { |
1031 | func_code = 0; |
1032 | rc = -ENOMEM; |
1033 | goto out; |
1034 | } |
1035 | |
1036 | uptr = (struct ep11_target_dev __force __user *)xcrb->targets; |
1037 | if (z_copy_from_user(userspace, targets, uptr, |
1038 | target_num * sizeof(*targets))) { |
1039 | func_code = 0; |
1040 | rc = -EFAULT; |
1041 | goto out_free; |
1042 | } |
1043 | } |
1044 | |
1045 | rc = prep_ep11_ap_msg(userspace, xcrb, ap_msg: &ap_msg, fc: &func_code, dom: &domain); |
1046 | if (rc) |
1047 | goto out_free; |
1048 | |
1049 | if (perms != &ap_perms && domain < AUTOSEL_DOM) { |
1050 | if (ap_msg.flags & AP_MSG_FLAG_ADMIN) { |
1051 | if (!test_bit_inv(domain, perms->adm)) { |
1052 | rc = -ENODEV; |
1053 | goto out_free; |
1054 | } |
1055 | } else if ((ap_msg.flags & AP_MSG_FLAG_USAGE) == 0) { |
1056 | rc = -EOPNOTSUPP; |
1057 | goto out_free; |
1058 | } |
1059 | } |
1060 | |
1061 | pref_zc = NULL; |
1062 | pref_zq = NULL; |
1063 | spin_lock(lock: &zcrypt_list_lock); |
1064 | for_each_zcrypt_card(zc) { |
1065 | /* Check for usable EP11 card */ |
1066 | if (!zc->online || !zc->card->config || zc->card->chkstop || |
1067 | !(zc->card->functions & 0x04000000)) |
1068 | continue; |
1069 | /* Check for user selected EP11 card */ |
1070 | if (targets && |
1071 | !is_desired_ep11_card(dev_id: zc->card->id, target_num, targets)) |
1072 | continue; |
1073 | /* check if request size exceeds card max msg size */ |
1074 | if (ap_msg.len > zc->card->maxmsgsize) |
1075 | continue; |
1076 | /* check if device node has admission for this card */ |
1077 | if (!zcrypt_check_card(perms, card: zc->card->id)) |
1078 | continue; |
1079 | /* get weight index of the card device */ |
1080 | wgt = speed_idx_ep11(func_code) * zc->speed_rating[SECKEY]; |
1081 | /* penalty if this msg was previously sent via this card */ |
1082 | cpen = (tr && tr->again_counter && tr->last_qid && |
1083 | AP_QID_CARD(tr->last_qid) == zc->card->id) ? |
1084 | TRACK_AGAIN_CARD_WEIGHT_PENALTY : 0; |
1085 | if (!zcrypt_card_compare(zc, pref_zc, weight: wgt + cpen, pref_weight: pref_wgt)) |
1086 | continue; |
1087 | for_each_zcrypt_queue(zq, zc) { |
1088 | /* check if device is usable and eligible */ |
1089 | if (!zq->online || !zq->ops->send_ep11_cprb || |
1090 | !ap_queue_usable(aq: zq->queue) || |
1091 | (targets && |
1092 | !is_desired_ep11_queue(dev_qid: zq->queue->qid, |
1093 | target_num, targets))) |
1094 | continue; |
1095 | /* check if device node has admission for this queue */ |
1096 | if (!zcrypt_check_queue(perms, |
1097 | queue: AP_QID_QUEUE(zq->queue->qid))) |
1098 | continue; |
1099 | /* penalty if the msg was previously sent at this qid */ |
1100 | qpen = (tr && tr->again_counter && tr->last_qid && |
1101 | tr->last_qid == zq->queue->qid) ? |
1102 | TRACK_AGAIN_QUEUE_WEIGHT_PENALTY : 0; |
1103 | if (!zcrypt_queue_compare(zq, pref_zq, |
1104 | weight: wgt + cpen + qpen, pref_weight: pref_wgt)) |
1105 | continue; |
1106 | pref_zc = zc; |
1107 | pref_zq = zq; |
1108 | pref_wgt = wgt + cpen + qpen; |
1109 | } |
1110 | } |
1111 | pref_zq = zcrypt_pick_queue(zc: pref_zc, zq: pref_zq, pmod: &mod, weight: wgt); |
1112 | spin_unlock(lock: &zcrypt_list_lock); |
1113 | |
1114 | if (!pref_zq) { |
1115 | if (targets && target_num == 1) { |
1116 | ZCRYPT_DBF_DBG("%s no match for address %02x.%04x => ENODEV\n" , |
1117 | __func__, (int)targets->ap_id, |
1118 | (int)targets->dom_id); |
1119 | } else if (targets) { |
1120 | ZCRYPT_DBF_DBG("%s no match for %d target addrs => ENODEV\n" , |
1121 | __func__, (int)target_num); |
1122 | } else { |
1123 | ZCRYPT_DBF_DBG("%s no match for address ff.ffff => ENODEV\n" , |
1124 | __func__); |
1125 | } |
1126 | rc = -ENODEV; |
1127 | goto out_free; |
1128 | } |
1129 | |
1130 | qid = pref_zq->queue->qid; |
1131 | rc = pref_zq->ops->send_ep11_cprb(userspace, pref_zq, xcrb, &ap_msg); |
1132 | |
1133 | spin_lock(lock: &zcrypt_list_lock); |
1134 | zcrypt_drop_queue(zc: pref_zc, zq: pref_zq, mod, weight: wgt); |
1135 | spin_unlock(lock: &zcrypt_list_lock); |
1136 | |
1137 | out_free: |
1138 | kfree(objp: targets); |
1139 | out: |
1140 | ap_release_message(ap_msg: &ap_msg); |
1141 | if (tr) { |
1142 | tr->last_rc = rc; |
1143 | tr->last_qid = qid; |
1144 | } |
1145 | trace_s390_zcrypt_rep(xcrb, func_code, rc, |
1146 | AP_QID_CARD(qid), AP_QID_QUEUE(qid)); |
1147 | return rc; |
1148 | } |
1149 | |
1150 | long zcrypt_send_ep11_cprb(struct ep11_urb *xcrb) |
1151 | { |
1152 | return _zcrypt_send_ep11_cprb(userspace: false, perms: &ap_perms, NULL, xcrb); |
1153 | } |
1154 | EXPORT_SYMBOL(zcrypt_send_ep11_cprb); |
1155 | |
1156 | static long zcrypt_rng(char *buffer) |
1157 | { |
1158 | struct zcrypt_card *zc, *pref_zc; |
1159 | struct zcrypt_queue *zq, *pref_zq; |
1160 | unsigned int wgt = 0, pref_wgt = 0; |
1161 | unsigned int func_code; |
1162 | struct ap_message ap_msg; |
1163 | unsigned int domain; |
1164 | int qid = 0, rc = -ENODEV; |
1165 | struct module *mod; |
1166 | |
1167 | trace_s390_zcrypt_req(buffer, TP_HWRNGCPRB); |
1168 | |
1169 | ap_init_message(ap_msg: &ap_msg); |
1170 | rc = prep_rng_ap_msg(ap_msg: &ap_msg, fc: &func_code, dom: &domain); |
1171 | if (rc) |
1172 | goto out; |
1173 | |
1174 | pref_zc = NULL; |
1175 | pref_zq = NULL; |
1176 | spin_lock(lock: &zcrypt_list_lock); |
1177 | for_each_zcrypt_card(zc) { |
1178 | /* Check for usable CCA card */ |
1179 | if (!zc->online || !zc->card->config || zc->card->chkstop || |
1180 | !(zc->card->functions & 0x10000000)) |
1181 | continue; |
1182 | /* get weight index of the card device */ |
1183 | wgt = zc->speed_rating[func_code]; |
1184 | if (!zcrypt_card_compare(zc, pref_zc, weight: wgt, pref_weight: pref_wgt)) |
1185 | continue; |
1186 | for_each_zcrypt_queue(zq, zc) { |
1187 | /* check if device is usable and eligible */ |
1188 | if (!zq->online || !zq->ops->rng || |
1189 | !ap_queue_usable(aq: zq->queue)) |
1190 | continue; |
1191 | if (!zcrypt_queue_compare(zq, pref_zq, weight: wgt, pref_weight: pref_wgt)) |
1192 | continue; |
1193 | pref_zc = zc; |
1194 | pref_zq = zq; |
1195 | pref_wgt = wgt; |
1196 | } |
1197 | } |
1198 | pref_zq = zcrypt_pick_queue(zc: pref_zc, zq: pref_zq, pmod: &mod, weight: wgt); |
1199 | spin_unlock(lock: &zcrypt_list_lock); |
1200 | |
1201 | if (!pref_zq) { |
1202 | ZCRYPT_DBF_DBG("%s no matching queue found => ENODEV\n" , |
1203 | __func__); |
1204 | rc = -ENODEV; |
1205 | goto out; |
1206 | } |
1207 | |
1208 | qid = pref_zq->queue->qid; |
1209 | rc = pref_zq->ops->rng(pref_zq, buffer, &ap_msg); |
1210 | |
1211 | spin_lock(lock: &zcrypt_list_lock); |
1212 | zcrypt_drop_queue(zc: pref_zc, zq: pref_zq, mod, weight: wgt); |
1213 | spin_unlock(lock: &zcrypt_list_lock); |
1214 | |
1215 | out: |
1216 | ap_release_message(ap_msg: &ap_msg); |
1217 | trace_s390_zcrypt_rep(buffer, func_code, rc, |
1218 | AP_QID_CARD(qid), AP_QID_QUEUE(qid)); |
1219 | return rc; |
1220 | } |
1221 | |
1222 | static void zcrypt_device_status_mask(struct zcrypt_device_status *devstatus) |
1223 | { |
1224 | struct zcrypt_card *zc; |
1225 | struct zcrypt_queue *zq; |
1226 | struct zcrypt_device_status *stat; |
1227 | int card, queue; |
1228 | |
1229 | memset(devstatus, 0, MAX_ZDEV_ENTRIES |
1230 | * sizeof(struct zcrypt_device_status)); |
1231 | |
1232 | spin_lock(lock: &zcrypt_list_lock); |
1233 | for_each_zcrypt_card(zc) { |
1234 | for_each_zcrypt_queue(zq, zc) { |
1235 | card = AP_QID_CARD(zq->queue->qid); |
1236 | if (card >= MAX_ZDEV_CARDIDS) |
1237 | continue; |
1238 | queue = AP_QID_QUEUE(zq->queue->qid); |
1239 | stat = &devstatus[card * AP_DOMAINS + queue]; |
1240 | stat->hwtype = zc->card->ap_dev.device_type; |
1241 | stat->functions = zc->card->functions >> 26; |
1242 | stat->qid = zq->queue->qid; |
1243 | stat->online = zq->online ? 0x01 : 0x00; |
1244 | } |
1245 | } |
1246 | spin_unlock(lock: &zcrypt_list_lock); |
1247 | } |
1248 | |
1249 | void zcrypt_device_status_mask_ext(struct zcrypt_device_status_ext *devstatus) |
1250 | { |
1251 | struct zcrypt_card *zc; |
1252 | struct zcrypt_queue *zq; |
1253 | struct zcrypt_device_status_ext *stat; |
1254 | int card, queue; |
1255 | |
1256 | memset(devstatus, 0, MAX_ZDEV_ENTRIES_EXT |
1257 | * sizeof(struct zcrypt_device_status_ext)); |
1258 | |
1259 | spin_lock(lock: &zcrypt_list_lock); |
1260 | for_each_zcrypt_card(zc) { |
1261 | for_each_zcrypt_queue(zq, zc) { |
1262 | card = AP_QID_CARD(zq->queue->qid); |
1263 | queue = AP_QID_QUEUE(zq->queue->qid); |
1264 | stat = &devstatus[card * AP_DOMAINS + queue]; |
1265 | stat->hwtype = zc->card->ap_dev.device_type; |
1266 | stat->functions = zc->card->functions >> 26; |
1267 | stat->qid = zq->queue->qid; |
1268 | stat->online = zq->online ? 0x01 : 0x00; |
1269 | } |
1270 | } |
1271 | spin_unlock(lock: &zcrypt_list_lock); |
1272 | } |
1273 | EXPORT_SYMBOL(zcrypt_device_status_mask_ext); |
1274 | |
1275 | int zcrypt_device_status_ext(int card, int queue, |
1276 | struct zcrypt_device_status_ext *devstat) |
1277 | { |
1278 | struct zcrypt_card *zc; |
1279 | struct zcrypt_queue *zq; |
1280 | |
1281 | memset(devstat, 0, sizeof(*devstat)); |
1282 | |
1283 | spin_lock(lock: &zcrypt_list_lock); |
1284 | for_each_zcrypt_card(zc) { |
1285 | for_each_zcrypt_queue(zq, zc) { |
1286 | if (card == AP_QID_CARD(zq->queue->qid) && |
1287 | queue == AP_QID_QUEUE(zq->queue->qid)) { |
1288 | devstat->hwtype = zc->card->ap_dev.device_type; |
1289 | devstat->functions = zc->card->functions >> 26; |
1290 | devstat->qid = zq->queue->qid; |
1291 | devstat->online = zq->online ? 0x01 : 0x00; |
1292 | spin_unlock(lock: &zcrypt_list_lock); |
1293 | return 0; |
1294 | } |
1295 | } |
1296 | } |
1297 | spin_unlock(lock: &zcrypt_list_lock); |
1298 | |
1299 | return -ENODEV; |
1300 | } |
1301 | EXPORT_SYMBOL(zcrypt_device_status_ext); |
1302 | |
1303 | static void zcrypt_status_mask(char status[], size_t max_adapters) |
1304 | { |
1305 | struct zcrypt_card *zc; |
1306 | struct zcrypt_queue *zq; |
1307 | int card; |
1308 | |
1309 | memset(status, 0, max_adapters); |
1310 | spin_lock(lock: &zcrypt_list_lock); |
1311 | for_each_zcrypt_card(zc) { |
1312 | for_each_zcrypt_queue(zq, zc) { |
1313 | card = AP_QID_CARD(zq->queue->qid); |
1314 | if (AP_QID_QUEUE(zq->queue->qid) != ap_domain_index || |
1315 | card >= max_adapters) |
1316 | continue; |
1317 | status[card] = zc->online ? zc->user_space_type : 0x0d; |
1318 | } |
1319 | } |
1320 | spin_unlock(lock: &zcrypt_list_lock); |
1321 | } |
1322 | |
1323 | static void zcrypt_qdepth_mask(char qdepth[], size_t max_adapters) |
1324 | { |
1325 | struct zcrypt_card *zc; |
1326 | struct zcrypt_queue *zq; |
1327 | int card; |
1328 | |
1329 | memset(qdepth, 0, max_adapters); |
1330 | spin_lock(lock: &zcrypt_list_lock); |
1331 | local_bh_disable(); |
1332 | for_each_zcrypt_card(zc) { |
1333 | for_each_zcrypt_queue(zq, zc) { |
1334 | card = AP_QID_CARD(zq->queue->qid); |
1335 | if (AP_QID_QUEUE(zq->queue->qid) != ap_domain_index || |
1336 | card >= max_adapters) |
1337 | continue; |
1338 | spin_lock(lock: &zq->queue->lock); |
1339 | qdepth[card] = |
1340 | zq->queue->pendingq_count + |
1341 | zq->queue->requestq_count; |
1342 | spin_unlock(lock: &zq->queue->lock); |
1343 | } |
1344 | } |
1345 | local_bh_enable(); |
1346 | spin_unlock(lock: &zcrypt_list_lock); |
1347 | } |
1348 | |
1349 | static void zcrypt_perdev_reqcnt(u32 reqcnt[], size_t max_adapters) |
1350 | { |
1351 | struct zcrypt_card *zc; |
1352 | struct zcrypt_queue *zq; |
1353 | int card; |
1354 | u64 cnt; |
1355 | |
1356 | memset(reqcnt, 0, sizeof(int) * max_adapters); |
1357 | spin_lock(lock: &zcrypt_list_lock); |
1358 | local_bh_disable(); |
1359 | for_each_zcrypt_card(zc) { |
1360 | for_each_zcrypt_queue(zq, zc) { |
1361 | card = AP_QID_CARD(zq->queue->qid); |
1362 | if (AP_QID_QUEUE(zq->queue->qid) != ap_domain_index || |
1363 | card >= max_adapters) |
1364 | continue; |
1365 | spin_lock(lock: &zq->queue->lock); |
1366 | cnt = zq->queue->total_request_count; |
1367 | spin_unlock(lock: &zq->queue->lock); |
1368 | reqcnt[card] = (cnt < UINT_MAX) ? (u32)cnt : UINT_MAX; |
1369 | } |
1370 | } |
1371 | local_bh_enable(); |
1372 | spin_unlock(lock: &zcrypt_list_lock); |
1373 | } |
1374 | |
1375 | static int zcrypt_pendingq_count(void) |
1376 | { |
1377 | struct zcrypt_card *zc; |
1378 | struct zcrypt_queue *zq; |
1379 | int pendingq_count; |
1380 | |
1381 | pendingq_count = 0; |
1382 | spin_lock(lock: &zcrypt_list_lock); |
1383 | local_bh_disable(); |
1384 | for_each_zcrypt_card(zc) { |
1385 | for_each_zcrypt_queue(zq, zc) { |
1386 | if (AP_QID_QUEUE(zq->queue->qid) != ap_domain_index) |
1387 | continue; |
1388 | spin_lock(lock: &zq->queue->lock); |
1389 | pendingq_count += zq->queue->pendingq_count; |
1390 | spin_unlock(lock: &zq->queue->lock); |
1391 | } |
1392 | } |
1393 | local_bh_enable(); |
1394 | spin_unlock(lock: &zcrypt_list_lock); |
1395 | return pendingq_count; |
1396 | } |
1397 | |
1398 | static int zcrypt_requestq_count(void) |
1399 | { |
1400 | struct zcrypt_card *zc; |
1401 | struct zcrypt_queue *zq; |
1402 | int requestq_count; |
1403 | |
1404 | requestq_count = 0; |
1405 | spin_lock(lock: &zcrypt_list_lock); |
1406 | local_bh_disable(); |
1407 | for_each_zcrypt_card(zc) { |
1408 | for_each_zcrypt_queue(zq, zc) { |
1409 | if (AP_QID_QUEUE(zq->queue->qid) != ap_domain_index) |
1410 | continue; |
1411 | spin_lock(lock: &zq->queue->lock); |
1412 | requestq_count += zq->queue->requestq_count; |
1413 | spin_unlock(lock: &zq->queue->lock); |
1414 | } |
1415 | } |
1416 | local_bh_enable(); |
1417 | spin_unlock(lock: &zcrypt_list_lock); |
1418 | return requestq_count; |
1419 | } |
1420 | |
1421 | static int icarsamodexpo_ioctl(struct ap_perms *perms, unsigned long arg) |
1422 | { |
1423 | int rc; |
1424 | struct zcrypt_track tr; |
1425 | struct ica_rsa_modexpo mex; |
1426 | struct ica_rsa_modexpo __user *umex = (void __user *)arg; |
1427 | |
1428 | memset(&tr, 0, sizeof(tr)); |
1429 | if (copy_from_user(to: &mex, from: umex, n: sizeof(mex))) |
1430 | return -EFAULT; |
1431 | |
1432 | do { |
1433 | rc = zcrypt_rsa_modexpo(perms, tr: &tr, mex: &mex); |
1434 | if (rc == -EAGAIN) |
1435 | tr.again_counter++; |
1436 | } while (rc == -EAGAIN && tr.again_counter < TRACK_AGAIN_MAX); |
1437 | /* on failure: retry once again after a requested rescan */ |
1438 | if ((rc == -ENODEV) && (zcrypt_process_rescan())) |
1439 | do { |
1440 | rc = zcrypt_rsa_modexpo(perms, tr: &tr, mex: &mex); |
1441 | if (rc == -EAGAIN) |
1442 | tr.again_counter++; |
1443 | } while (rc == -EAGAIN && tr.again_counter < TRACK_AGAIN_MAX); |
1444 | if (rc == -EAGAIN && tr.again_counter >= TRACK_AGAIN_MAX) |
1445 | rc = -EIO; |
1446 | if (rc) { |
1447 | ZCRYPT_DBF_DBG("ioctl ICARSAMODEXPO rc=%d\n" , rc); |
1448 | return rc; |
1449 | } |
1450 | return put_user(mex.outputdatalength, &umex->outputdatalength); |
1451 | } |
1452 | |
1453 | static int icarsacrt_ioctl(struct ap_perms *perms, unsigned long arg) |
1454 | { |
1455 | int rc; |
1456 | struct zcrypt_track tr; |
1457 | struct ica_rsa_modexpo_crt crt; |
1458 | struct ica_rsa_modexpo_crt __user *ucrt = (void __user *)arg; |
1459 | |
1460 | memset(&tr, 0, sizeof(tr)); |
1461 | if (copy_from_user(to: &crt, from: ucrt, n: sizeof(crt))) |
1462 | return -EFAULT; |
1463 | |
1464 | do { |
1465 | rc = zcrypt_rsa_crt(perms, tr: &tr, crt: &crt); |
1466 | if (rc == -EAGAIN) |
1467 | tr.again_counter++; |
1468 | } while (rc == -EAGAIN && tr.again_counter < TRACK_AGAIN_MAX); |
1469 | /* on failure: retry once again after a requested rescan */ |
1470 | if ((rc == -ENODEV) && (zcrypt_process_rescan())) |
1471 | do { |
1472 | rc = zcrypt_rsa_crt(perms, tr: &tr, crt: &crt); |
1473 | if (rc == -EAGAIN) |
1474 | tr.again_counter++; |
1475 | } while (rc == -EAGAIN && tr.again_counter < TRACK_AGAIN_MAX); |
1476 | if (rc == -EAGAIN && tr.again_counter >= TRACK_AGAIN_MAX) |
1477 | rc = -EIO; |
1478 | if (rc) { |
1479 | ZCRYPT_DBF_DBG("ioctl ICARSACRT rc=%d\n" , rc); |
1480 | return rc; |
1481 | } |
1482 | return put_user(crt.outputdatalength, &ucrt->outputdatalength); |
1483 | } |
1484 | |
1485 | static int zsecsendcprb_ioctl(struct ap_perms *perms, unsigned long arg) |
1486 | { |
1487 | int rc; |
1488 | struct ica_xcRB xcrb; |
1489 | struct zcrypt_track tr; |
1490 | struct ica_xcRB __user *uxcrb = (void __user *)arg; |
1491 | |
1492 | memset(&tr, 0, sizeof(tr)); |
1493 | if (copy_from_user(to: &xcrb, from: uxcrb, n: sizeof(xcrb))) |
1494 | return -EFAULT; |
1495 | |
1496 | do { |
1497 | rc = _zcrypt_send_cprb(userspace: true, perms, tr: &tr, xcrb: &xcrb); |
1498 | if (rc == -EAGAIN) |
1499 | tr.again_counter++; |
1500 | } while (rc == -EAGAIN && tr.again_counter < TRACK_AGAIN_MAX); |
1501 | /* on failure: retry once again after a requested rescan */ |
1502 | if ((rc == -ENODEV) && (zcrypt_process_rescan())) |
1503 | do { |
1504 | rc = _zcrypt_send_cprb(userspace: true, perms, tr: &tr, xcrb: &xcrb); |
1505 | if (rc == -EAGAIN) |
1506 | tr.again_counter++; |
1507 | } while (rc == -EAGAIN && tr.again_counter < TRACK_AGAIN_MAX); |
1508 | if (rc == -EAGAIN && tr.again_counter >= TRACK_AGAIN_MAX) |
1509 | rc = -EIO; |
1510 | if (rc) |
1511 | ZCRYPT_DBF_DBG("ioctl ZSENDCPRB rc=%d status=0x%x\n" , |
1512 | rc, xcrb.status); |
1513 | if (copy_to_user(to: uxcrb, from: &xcrb, n: sizeof(xcrb))) |
1514 | return -EFAULT; |
1515 | return rc; |
1516 | } |
1517 | |
1518 | static int zsendep11cprb_ioctl(struct ap_perms *perms, unsigned long arg) |
1519 | { |
1520 | int rc; |
1521 | struct ep11_urb xcrb; |
1522 | struct zcrypt_track tr; |
1523 | struct ep11_urb __user *uxcrb = (void __user *)arg; |
1524 | |
1525 | memset(&tr, 0, sizeof(tr)); |
1526 | if (copy_from_user(to: &xcrb, from: uxcrb, n: sizeof(xcrb))) |
1527 | return -EFAULT; |
1528 | |
1529 | do { |
1530 | rc = _zcrypt_send_ep11_cprb(userspace: true, perms, tr: &tr, xcrb: &xcrb); |
1531 | if (rc == -EAGAIN) |
1532 | tr.again_counter++; |
1533 | } while (rc == -EAGAIN && tr.again_counter < TRACK_AGAIN_MAX); |
1534 | /* on failure: retry once again after a requested rescan */ |
1535 | if ((rc == -ENODEV) && (zcrypt_process_rescan())) |
1536 | do { |
1537 | rc = _zcrypt_send_ep11_cprb(userspace: true, perms, tr: &tr, xcrb: &xcrb); |
1538 | if (rc == -EAGAIN) |
1539 | tr.again_counter++; |
1540 | } while (rc == -EAGAIN && tr.again_counter < TRACK_AGAIN_MAX); |
1541 | if (rc == -EAGAIN && tr.again_counter >= TRACK_AGAIN_MAX) |
1542 | rc = -EIO; |
1543 | if (rc) |
1544 | ZCRYPT_DBF_DBG("ioctl ZSENDEP11CPRB rc=%d\n" , rc); |
1545 | if (copy_to_user(to: uxcrb, from: &xcrb, n: sizeof(xcrb))) |
1546 | return -EFAULT; |
1547 | return rc; |
1548 | } |
1549 | |
1550 | static long zcrypt_unlocked_ioctl(struct file *filp, unsigned int cmd, |
1551 | unsigned long arg) |
1552 | { |
1553 | int rc; |
1554 | struct ap_perms *perms = |
1555 | (struct ap_perms *)filp->private_data; |
1556 | |
1557 | rc = zcrypt_check_ioctl(perms, cmd); |
1558 | if (rc) |
1559 | return rc; |
1560 | |
1561 | switch (cmd) { |
1562 | case ICARSAMODEXPO: |
1563 | return icarsamodexpo_ioctl(perms, arg); |
1564 | case ICARSACRT: |
1565 | return icarsacrt_ioctl(perms, arg); |
1566 | case ZSECSENDCPRB: |
1567 | return zsecsendcprb_ioctl(perms, arg); |
1568 | case ZSENDEP11CPRB: |
1569 | return zsendep11cprb_ioctl(perms, arg); |
1570 | case ZCRYPT_DEVICE_STATUS: { |
1571 | struct zcrypt_device_status_ext *device_status; |
1572 | size_t total_size = MAX_ZDEV_ENTRIES_EXT |
1573 | * sizeof(struct zcrypt_device_status_ext); |
1574 | |
1575 | device_status = kvmalloc_array(MAX_ZDEV_ENTRIES_EXT, |
1576 | sizeof(struct zcrypt_device_status_ext), |
1577 | GFP_KERNEL); |
1578 | if (!device_status) |
1579 | return -ENOMEM; |
1580 | zcrypt_device_status_mask_ext(device_status); |
1581 | if (copy_to_user(to: (char __user *)arg, from: device_status, |
1582 | n: total_size)) |
1583 | rc = -EFAULT; |
1584 | kvfree(addr: device_status); |
1585 | return rc; |
1586 | } |
1587 | case ZCRYPT_STATUS_MASK: { |
1588 | char status[AP_DEVICES]; |
1589 | |
1590 | zcrypt_status_mask(status, AP_DEVICES); |
1591 | if (copy_to_user(to: (char __user *)arg, from: status, n: sizeof(status))) |
1592 | return -EFAULT; |
1593 | return 0; |
1594 | } |
1595 | case ZCRYPT_QDEPTH_MASK: { |
1596 | char qdepth[AP_DEVICES]; |
1597 | |
1598 | zcrypt_qdepth_mask(qdepth, AP_DEVICES); |
1599 | if (copy_to_user(to: (char __user *)arg, from: qdepth, n: sizeof(qdepth))) |
1600 | return -EFAULT; |
1601 | return 0; |
1602 | } |
1603 | case ZCRYPT_PERDEV_REQCNT: { |
1604 | u32 *reqcnt; |
1605 | |
1606 | reqcnt = kcalloc(AP_DEVICES, size: sizeof(u32), GFP_KERNEL); |
1607 | if (!reqcnt) |
1608 | return -ENOMEM; |
1609 | zcrypt_perdev_reqcnt(reqcnt, AP_DEVICES); |
1610 | if (copy_to_user(to: (int __user *)arg, from: reqcnt, |
1611 | n: sizeof(u32) * AP_DEVICES)) |
1612 | rc = -EFAULT; |
1613 | kfree(objp: reqcnt); |
1614 | return rc; |
1615 | } |
1616 | case Z90STAT_REQUESTQ_COUNT: |
1617 | return put_user(zcrypt_requestq_count(), (int __user *)arg); |
1618 | case Z90STAT_PENDINGQ_COUNT: |
1619 | return put_user(zcrypt_pendingq_count(), (int __user *)arg); |
1620 | case Z90STAT_TOTALOPEN_COUNT: |
1621 | return put_user(atomic_read(&zcrypt_open_count), |
1622 | (int __user *)arg); |
1623 | case Z90STAT_DOMAIN_INDEX: |
1624 | return put_user(ap_domain_index, (int __user *)arg); |
1625 | /* |
1626 | * Deprecated ioctls |
1627 | */ |
1628 | case ZDEVICESTATUS: { |
1629 | /* the old ioctl supports only 64 adapters */ |
1630 | struct zcrypt_device_status *device_status; |
1631 | size_t total_size = MAX_ZDEV_ENTRIES |
1632 | * sizeof(struct zcrypt_device_status); |
1633 | |
1634 | device_status = kzalloc(size: total_size, GFP_KERNEL); |
1635 | if (!device_status) |
1636 | return -ENOMEM; |
1637 | zcrypt_device_status_mask(devstatus: device_status); |
1638 | if (copy_to_user(to: (char __user *)arg, from: device_status, |
1639 | n: total_size)) |
1640 | rc = -EFAULT; |
1641 | kfree(objp: device_status); |
1642 | return rc; |
1643 | } |
1644 | case Z90STAT_STATUS_MASK: { |
1645 | /* the old ioctl supports only 64 adapters */ |
1646 | char status[MAX_ZDEV_CARDIDS]; |
1647 | |
1648 | zcrypt_status_mask(status, MAX_ZDEV_CARDIDS); |
1649 | if (copy_to_user(to: (char __user *)arg, from: status, n: sizeof(status))) |
1650 | return -EFAULT; |
1651 | return 0; |
1652 | } |
1653 | case Z90STAT_QDEPTH_MASK: { |
1654 | /* the old ioctl supports only 64 adapters */ |
1655 | char qdepth[MAX_ZDEV_CARDIDS]; |
1656 | |
1657 | zcrypt_qdepth_mask(qdepth, MAX_ZDEV_CARDIDS); |
1658 | if (copy_to_user(to: (char __user *)arg, from: qdepth, n: sizeof(qdepth))) |
1659 | return -EFAULT; |
1660 | return 0; |
1661 | } |
1662 | case Z90STAT_PERDEV_REQCNT: { |
1663 | /* the old ioctl supports only 64 adapters */ |
1664 | u32 reqcnt[MAX_ZDEV_CARDIDS]; |
1665 | |
1666 | zcrypt_perdev_reqcnt(reqcnt, MAX_ZDEV_CARDIDS); |
1667 | if (copy_to_user(to: (int __user *)arg, from: reqcnt, n: sizeof(reqcnt))) |
1668 | return -EFAULT; |
1669 | return 0; |
1670 | } |
1671 | /* unknown ioctl number */ |
1672 | default: |
1673 | ZCRYPT_DBF_DBG("unknown ioctl 0x%08x\n" , cmd); |
1674 | return -ENOIOCTLCMD; |
1675 | } |
1676 | } |
1677 | |
1678 | #ifdef CONFIG_COMPAT |
1679 | /* |
1680 | * ioctl32 conversion routines |
1681 | */ |
1682 | struct compat_ica_rsa_modexpo { |
1683 | compat_uptr_t inputdata; |
1684 | unsigned int inputdatalength; |
1685 | compat_uptr_t outputdata; |
1686 | unsigned int outputdatalength; |
1687 | compat_uptr_t b_key; |
1688 | compat_uptr_t n_modulus; |
1689 | }; |
1690 | |
1691 | static long trans_modexpo32(struct ap_perms *perms, struct file *filp, |
1692 | unsigned int cmd, unsigned long arg) |
1693 | { |
1694 | struct compat_ica_rsa_modexpo __user *umex32 = compat_ptr(uptr: arg); |
1695 | struct compat_ica_rsa_modexpo mex32; |
1696 | struct ica_rsa_modexpo mex64; |
1697 | struct zcrypt_track tr; |
1698 | long rc; |
1699 | |
1700 | memset(&tr, 0, sizeof(tr)); |
1701 | if (copy_from_user(to: &mex32, from: umex32, n: sizeof(mex32))) |
1702 | return -EFAULT; |
1703 | mex64.inputdata = compat_ptr(uptr: mex32.inputdata); |
1704 | mex64.inputdatalength = mex32.inputdatalength; |
1705 | mex64.outputdata = compat_ptr(uptr: mex32.outputdata); |
1706 | mex64.outputdatalength = mex32.outputdatalength; |
1707 | mex64.b_key = compat_ptr(uptr: mex32.b_key); |
1708 | mex64.n_modulus = compat_ptr(uptr: mex32.n_modulus); |
1709 | do { |
1710 | rc = zcrypt_rsa_modexpo(perms, tr: &tr, mex: &mex64); |
1711 | if (rc == -EAGAIN) |
1712 | tr.again_counter++; |
1713 | } while (rc == -EAGAIN && tr.again_counter < TRACK_AGAIN_MAX); |
1714 | /* on failure: retry once again after a requested rescan */ |
1715 | if ((rc == -ENODEV) && (zcrypt_process_rescan())) |
1716 | do { |
1717 | rc = zcrypt_rsa_modexpo(perms, tr: &tr, mex: &mex64); |
1718 | if (rc == -EAGAIN) |
1719 | tr.again_counter++; |
1720 | } while (rc == -EAGAIN && tr.again_counter < TRACK_AGAIN_MAX); |
1721 | if (rc == -EAGAIN && tr.again_counter >= TRACK_AGAIN_MAX) |
1722 | rc = -EIO; |
1723 | if (rc) |
1724 | return rc; |
1725 | return put_user(mex64.outputdatalength, |
1726 | &umex32->outputdatalength); |
1727 | } |
1728 | |
1729 | struct compat_ica_rsa_modexpo_crt { |
1730 | compat_uptr_t inputdata; |
1731 | unsigned int inputdatalength; |
1732 | compat_uptr_t outputdata; |
1733 | unsigned int outputdatalength; |
1734 | compat_uptr_t bp_key; |
1735 | compat_uptr_t bq_key; |
1736 | compat_uptr_t np_prime; |
1737 | compat_uptr_t nq_prime; |
1738 | compat_uptr_t u_mult_inv; |
1739 | }; |
1740 | |
1741 | static long trans_modexpo_crt32(struct ap_perms *perms, struct file *filp, |
1742 | unsigned int cmd, unsigned long arg) |
1743 | { |
1744 | struct compat_ica_rsa_modexpo_crt __user *ucrt32 = compat_ptr(uptr: arg); |
1745 | struct compat_ica_rsa_modexpo_crt crt32; |
1746 | struct ica_rsa_modexpo_crt crt64; |
1747 | struct zcrypt_track tr; |
1748 | long rc; |
1749 | |
1750 | memset(&tr, 0, sizeof(tr)); |
1751 | if (copy_from_user(to: &crt32, from: ucrt32, n: sizeof(crt32))) |
1752 | return -EFAULT; |
1753 | crt64.inputdata = compat_ptr(uptr: crt32.inputdata); |
1754 | crt64.inputdatalength = crt32.inputdatalength; |
1755 | crt64.outputdata = compat_ptr(uptr: crt32.outputdata); |
1756 | crt64.outputdatalength = crt32.outputdatalength; |
1757 | crt64.bp_key = compat_ptr(uptr: crt32.bp_key); |
1758 | crt64.bq_key = compat_ptr(uptr: crt32.bq_key); |
1759 | crt64.np_prime = compat_ptr(uptr: crt32.np_prime); |
1760 | crt64.nq_prime = compat_ptr(uptr: crt32.nq_prime); |
1761 | crt64.u_mult_inv = compat_ptr(uptr: crt32.u_mult_inv); |
1762 | do { |
1763 | rc = zcrypt_rsa_crt(perms, tr: &tr, crt: &crt64); |
1764 | if (rc == -EAGAIN) |
1765 | tr.again_counter++; |
1766 | } while (rc == -EAGAIN && tr.again_counter < TRACK_AGAIN_MAX); |
1767 | /* on failure: retry once again after a requested rescan */ |
1768 | if ((rc == -ENODEV) && (zcrypt_process_rescan())) |
1769 | do { |
1770 | rc = zcrypt_rsa_crt(perms, tr: &tr, crt: &crt64); |
1771 | if (rc == -EAGAIN) |
1772 | tr.again_counter++; |
1773 | } while (rc == -EAGAIN && tr.again_counter < TRACK_AGAIN_MAX); |
1774 | if (rc == -EAGAIN && tr.again_counter >= TRACK_AGAIN_MAX) |
1775 | rc = -EIO; |
1776 | if (rc) |
1777 | return rc; |
1778 | return put_user(crt64.outputdatalength, |
1779 | &ucrt32->outputdatalength); |
1780 | } |
1781 | |
1782 | struct compat_ica_xcrb { |
1783 | unsigned short agent_ID; |
1784 | unsigned int user_defined; |
1785 | unsigned short request_ID; |
1786 | unsigned int request_control_blk_length; |
1787 | unsigned char padding1[16 - sizeof(compat_uptr_t)]; |
1788 | compat_uptr_t request_control_blk_addr; |
1789 | unsigned int request_data_length; |
1790 | char padding2[16 - sizeof(compat_uptr_t)]; |
1791 | compat_uptr_t request_data_address; |
1792 | unsigned int reply_control_blk_length; |
1793 | char padding3[16 - sizeof(compat_uptr_t)]; |
1794 | compat_uptr_t reply_control_blk_addr; |
1795 | unsigned int reply_data_length; |
1796 | char padding4[16 - sizeof(compat_uptr_t)]; |
1797 | compat_uptr_t reply_data_addr; |
1798 | unsigned short priority_window; |
1799 | unsigned int status; |
1800 | } __packed; |
1801 | |
1802 | static long trans_xcrb32(struct ap_perms *perms, struct file *filp, |
1803 | unsigned int cmd, unsigned long arg) |
1804 | { |
1805 | struct compat_ica_xcrb __user *uxcrb32 = compat_ptr(uptr: arg); |
1806 | struct compat_ica_xcrb xcrb32; |
1807 | struct zcrypt_track tr; |
1808 | struct ica_xcRB xcrb64; |
1809 | long rc; |
1810 | |
1811 | memset(&tr, 0, sizeof(tr)); |
1812 | if (copy_from_user(to: &xcrb32, from: uxcrb32, n: sizeof(xcrb32))) |
1813 | return -EFAULT; |
1814 | xcrb64.agent_ID = xcrb32.agent_ID; |
1815 | xcrb64.user_defined = xcrb32.user_defined; |
1816 | xcrb64.request_ID = xcrb32.request_ID; |
1817 | xcrb64.request_control_blk_length = |
1818 | xcrb32.request_control_blk_length; |
1819 | xcrb64.request_control_blk_addr = |
1820 | compat_ptr(uptr: xcrb32.request_control_blk_addr); |
1821 | xcrb64.request_data_length = |
1822 | xcrb32.request_data_length; |
1823 | xcrb64.request_data_address = |
1824 | compat_ptr(uptr: xcrb32.request_data_address); |
1825 | xcrb64.reply_control_blk_length = |
1826 | xcrb32.reply_control_blk_length; |
1827 | xcrb64.reply_control_blk_addr = |
1828 | compat_ptr(uptr: xcrb32.reply_control_blk_addr); |
1829 | xcrb64.reply_data_length = xcrb32.reply_data_length; |
1830 | xcrb64.reply_data_addr = |
1831 | compat_ptr(uptr: xcrb32.reply_data_addr); |
1832 | xcrb64.priority_window = xcrb32.priority_window; |
1833 | xcrb64.status = xcrb32.status; |
1834 | do { |
1835 | rc = _zcrypt_send_cprb(userspace: true, perms, tr: &tr, xcrb: &xcrb64); |
1836 | if (rc == -EAGAIN) |
1837 | tr.again_counter++; |
1838 | } while (rc == -EAGAIN && tr.again_counter < TRACK_AGAIN_MAX); |
1839 | /* on failure: retry once again after a requested rescan */ |
1840 | if ((rc == -ENODEV) && (zcrypt_process_rescan())) |
1841 | do { |
1842 | rc = _zcrypt_send_cprb(userspace: true, perms, tr: &tr, xcrb: &xcrb64); |
1843 | if (rc == -EAGAIN) |
1844 | tr.again_counter++; |
1845 | } while (rc == -EAGAIN && tr.again_counter < TRACK_AGAIN_MAX); |
1846 | if (rc == -EAGAIN && tr.again_counter >= TRACK_AGAIN_MAX) |
1847 | rc = -EIO; |
1848 | xcrb32.reply_control_blk_length = xcrb64.reply_control_blk_length; |
1849 | xcrb32.reply_data_length = xcrb64.reply_data_length; |
1850 | xcrb32.status = xcrb64.status; |
1851 | if (copy_to_user(to: uxcrb32, from: &xcrb32, n: sizeof(xcrb32))) |
1852 | return -EFAULT; |
1853 | return rc; |
1854 | } |
1855 | |
1856 | static long zcrypt_compat_ioctl(struct file *filp, unsigned int cmd, |
1857 | unsigned long arg) |
1858 | { |
1859 | int rc; |
1860 | struct ap_perms *perms = |
1861 | (struct ap_perms *)filp->private_data; |
1862 | |
1863 | rc = zcrypt_check_ioctl(perms, cmd); |
1864 | if (rc) |
1865 | return rc; |
1866 | |
1867 | if (cmd == ICARSAMODEXPO) |
1868 | return trans_modexpo32(perms, filp, cmd, arg); |
1869 | if (cmd == ICARSACRT) |
1870 | return trans_modexpo_crt32(perms, filp, cmd, arg); |
1871 | if (cmd == ZSECSENDCPRB) |
1872 | return trans_xcrb32(perms, filp, cmd, arg); |
1873 | return zcrypt_unlocked_ioctl(filp, cmd, arg); |
1874 | } |
1875 | #endif |
1876 | |
1877 | /* |
1878 | * Misc device file operations. |
1879 | */ |
1880 | static const struct file_operations zcrypt_fops = { |
1881 | .owner = THIS_MODULE, |
1882 | .read = zcrypt_read, |
1883 | .write = zcrypt_write, |
1884 | .unlocked_ioctl = zcrypt_unlocked_ioctl, |
1885 | #ifdef CONFIG_COMPAT |
1886 | .compat_ioctl = zcrypt_compat_ioctl, |
1887 | #endif |
1888 | .open = zcrypt_open, |
1889 | .release = zcrypt_release, |
1890 | .llseek = no_llseek, |
1891 | }; |
1892 | |
1893 | /* |
1894 | * Misc device. |
1895 | */ |
1896 | static struct miscdevice zcrypt_misc_device = { |
1897 | .minor = MISC_DYNAMIC_MINOR, |
1898 | .name = "z90crypt" , |
1899 | .fops = &zcrypt_fops, |
1900 | }; |
1901 | |
1902 | static int zcrypt_rng_device_count; |
1903 | static u32 *zcrypt_rng_buffer; |
1904 | static int zcrypt_rng_buffer_index; |
1905 | static DEFINE_MUTEX(zcrypt_rng_mutex); |
1906 | |
1907 | static int zcrypt_rng_data_read(struct hwrng *rng, u32 *data) |
1908 | { |
1909 | int rc; |
1910 | |
1911 | /* |
1912 | * We don't need locking here because the RNG API guarantees serialized |
1913 | * read method calls. |
1914 | */ |
1915 | if (zcrypt_rng_buffer_index == 0) { |
1916 | rc = zcrypt_rng(buffer: (char *)zcrypt_rng_buffer); |
1917 | /* on failure: retry once again after a requested rescan */ |
1918 | if ((rc == -ENODEV) && (zcrypt_process_rescan())) |
1919 | rc = zcrypt_rng(buffer: (char *)zcrypt_rng_buffer); |
1920 | if (rc < 0) |
1921 | return -EIO; |
1922 | zcrypt_rng_buffer_index = rc / sizeof(*data); |
1923 | } |
1924 | *data = zcrypt_rng_buffer[--zcrypt_rng_buffer_index]; |
1925 | return sizeof(*data); |
1926 | } |
1927 | |
1928 | static struct hwrng zcrypt_rng_dev = { |
1929 | .name = "zcrypt" , |
1930 | .data_read = zcrypt_rng_data_read, |
1931 | .quality = 990, |
1932 | }; |
1933 | |
1934 | int zcrypt_rng_device_add(void) |
1935 | { |
1936 | int rc = 0; |
1937 | |
1938 | mutex_lock(&zcrypt_rng_mutex); |
1939 | if (zcrypt_rng_device_count == 0) { |
1940 | zcrypt_rng_buffer = (u32 *)get_zeroed_page(GFP_KERNEL); |
1941 | if (!zcrypt_rng_buffer) { |
1942 | rc = -ENOMEM; |
1943 | goto out; |
1944 | } |
1945 | zcrypt_rng_buffer_index = 0; |
1946 | rc = hwrng_register(rng: &zcrypt_rng_dev); |
1947 | if (rc) |
1948 | goto out_free; |
1949 | zcrypt_rng_device_count = 1; |
1950 | } else { |
1951 | zcrypt_rng_device_count++; |
1952 | } |
1953 | mutex_unlock(lock: &zcrypt_rng_mutex); |
1954 | return 0; |
1955 | |
1956 | out_free: |
1957 | free_page((unsigned long)zcrypt_rng_buffer); |
1958 | out: |
1959 | mutex_unlock(lock: &zcrypt_rng_mutex); |
1960 | return rc; |
1961 | } |
1962 | |
1963 | void zcrypt_rng_device_remove(void) |
1964 | { |
1965 | mutex_lock(&zcrypt_rng_mutex); |
1966 | zcrypt_rng_device_count--; |
1967 | if (zcrypt_rng_device_count == 0) { |
1968 | hwrng_unregister(rng: &zcrypt_rng_dev); |
1969 | free_page((unsigned long)zcrypt_rng_buffer); |
1970 | } |
1971 | mutex_unlock(lock: &zcrypt_rng_mutex); |
1972 | } |
1973 | |
1974 | /* |
1975 | * Wait until the zcrypt api is operational. |
1976 | * The AP bus scan and the binding of ap devices to device drivers is |
1977 | * an asynchronous job. This function waits until these initial jobs |
1978 | * are done and so the zcrypt api should be ready to serve crypto |
1979 | * requests - if there are resources available. The function uses an |
1980 | * internal timeout of 60s. The very first caller will either wait for |
1981 | * ap bus bindings complete or the timeout happens. This state will be |
1982 | * remembered for further callers which will only be blocked until a |
1983 | * decision is made (timeout or bindings complete). |
1984 | * On timeout -ETIME is returned, on success the return value is 0. |
1985 | */ |
1986 | int zcrypt_wait_api_operational(void) |
1987 | { |
1988 | static DEFINE_MUTEX(zcrypt_wait_api_lock); |
1989 | static int zcrypt_wait_api_state; |
1990 | int rc; |
1991 | |
1992 | rc = mutex_lock_interruptible(&zcrypt_wait_api_lock); |
1993 | if (rc) |
1994 | return rc; |
1995 | |
1996 | switch (zcrypt_wait_api_state) { |
1997 | case 0: |
1998 | /* initial state, invoke wait for the ap bus complete */ |
1999 | rc = ap_wait_init_apqn_bindings_complete( |
2000 | timeout: msecs_to_jiffies(m: 60 * 1000)); |
2001 | switch (rc) { |
2002 | case 0: |
2003 | /* ap bus bindings are complete */ |
2004 | zcrypt_wait_api_state = 1; |
2005 | break; |
2006 | case -EINTR: |
2007 | /* interrupted, go back to caller */ |
2008 | break; |
2009 | case -ETIME: |
2010 | /* timeout */ |
2011 | ZCRYPT_DBF_WARN("%s ap_wait_init_apqn_bindings_complete()=ETIME\n" , |
2012 | __func__); |
2013 | zcrypt_wait_api_state = -ETIME; |
2014 | break; |
2015 | default: |
2016 | /* other failure */ |
2017 | ZCRYPT_DBF_DBG("%s ap_wait_init_apqn_bindings_complete()=%d\n" , |
2018 | __func__, rc); |
2019 | break; |
2020 | } |
2021 | break; |
2022 | case 1: |
2023 | /* a previous caller already found ap bus bindings complete */ |
2024 | rc = 0; |
2025 | break; |
2026 | default: |
2027 | /* a previous caller had timeout or other failure */ |
2028 | rc = zcrypt_wait_api_state; |
2029 | break; |
2030 | } |
2031 | |
2032 | mutex_unlock(lock: &zcrypt_wait_api_lock); |
2033 | |
2034 | return rc; |
2035 | } |
2036 | EXPORT_SYMBOL(zcrypt_wait_api_operational); |
2037 | |
2038 | int __init zcrypt_debug_init(void) |
2039 | { |
2040 | zcrypt_dbf_info = debug_register("zcrypt" , 2, 1, |
2041 | DBF_MAX_SPRINTF_ARGS * sizeof(long)); |
2042 | debug_register_view(zcrypt_dbf_info, &debug_sprintf_view); |
2043 | debug_set_level(zcrypt_dbf_info, DBF_ERR); |
2044 | |
2045 | return 0; |
2046 | } |
2047 | |
2048 | void zcrypt_debug_exit(void) |
2049 | { |
2050 | debug_unregister(zcrypt_dbf_info); |
2051 | } |
2052 | |
2053 | static int __init zcdn_init(void) |
2054 | { |
2055 | int rc; |
2056 | |
2057 | /* create a new class 'zcrypt' */ |
2058 | zcrypt_class = class_create(ZCRYPT_NAME); |
2059 | if (IS_ERR(ptr: zcrypt_class)) { |
2060 | rc = PTR_ERR(ptr: zcrypt_class); |
2061 | goto out_class_create_failed; |
2062 | } |
2063 | zcrypt_class->dev_release = zcdn_device_release; |
2064 | |
2065 | /* alloc device minor range */ |
2066 | rc = alloc_chrdev_region(&zcrypt_devt, |
2067 | 0, ZCRYPT_MAX_MINOR_NODES, |
2068 | ZCRYPT_NAME); |
2069 | if (rc) |
2070 | goto out_alloc_chrdev_failed; |
2071 | |
2072 | cdev_init(&zcrypt_cdev, &zcrypt_fops); |
2073 | zcrypt_cdev.owner = THIS_MODULE; |
2074 | rc = cdev_add(&zcrypt_cdev, zcrypt_devt, ZCRYPT_MAX_MINOR_NODES); |
2075 | if (rc) |
2076 | goto out_cdev_add_failed; |
2077 | |
2078 | /* need some class specific sysfs attributes */ |
2079 | rc = class_create_file(class: zcrypt_class, attr: &class_attr_zcdn_create); |
2080 | if (rc) |
2081 | goto out_class_create_file_1_failed; |
2082 | rc = class_create_file(class: zcrypt_class, attr: &class_attr_zcdn_destroy); |
2083 | if (rc) |
2084 | goto out_class_create_file_2_failed; |
2085 | |
2086 | return 0; |
2087 | |
2088 | out_class_create_file_2_failed: |
2089 | class_remove_file(class: zcrypt_class, attr: &class_attr_zcdn_create); |
2090 | out_class_create_file_1_failed: |
2091 | cdev_del(&zcrypt_cdev); |
2092 | out_cdev_add_failed: |
2093 | unregister_chrdev_region(zcrypt_devt, ZCRYPT_MAX_MINOR_NODES); |
2094 | out_alloc_chrdev_failed: |
2095 | class_destroy(cls: zcrypt_class); |
2096 | out_class_create_failed: |
2097 | return rc; |
2098 | } |
2099 | |
2100 | static void zcdn_exit(void) |
2101 | { |
2102 | class_remove_file(class: zcrypt_class, attr: &class_attr_zcdn_create); |
2103 | class_remove_file(class: zcrypt_class, attr: &class_attr_zcdn_destroy); |
2104 | zcdn_destroy_all(); |
2105 | cdev_del(&zcrypt_cdev); |
2106 | unregister_chrdev_region(zcrypt_devt, ZCRYPT_MAX_MINOR_NODES); |
2107 | class_destroy(cls: zcrypt_class); |
2108 | } |
2109 | |
2110 | /* |
2111 | * zcrypt_api_init(): Module initialization. |
2112 | * |
2113 | * The module initialization code. |
2114 | */ |
2115 | int __init zcrypt_api_init(void) |
2116 | { |
2117 | int rc; |
2118 | |
2119 | rc = zcrypt_debug_init(); |
2120 | if (rc) |
2121 | goto out; |
2122 | |
2123 | rc = zcdn_init(); |
2124 | if (rc) |
2125 | goto out; |
2126 | |
2127 | /* Register the request sprayer. */ |
2128 | rc = misc_register(misc: &zcrypt_misc_device); |
2129 | if (rc < 0) |
2130 | goto out_misc_register_failed; |
2131 | |
2132 | zcrypt_msgtype6_init(); |
2133 | zcrypt_msgtype50_init(); |
2134 | |
2135 | return 0; |
2136 | |
2137 | out_misc_register_failed: |
2138 | zcdn_exit(); |
2139 | zcrypt_debug_exit(); |
2140 | out: |
2141 | return rc; |
2142 | } |
2143 | |
2144 | /* |
2145 | * zcrypt_api_exit(): Module termination. |
2146 | * |
2147 | * The module termination code. |
2148 | */ |
2149 | void __exit zcrypt_api_exit(void) |
2150 | { |
2151 | zcdn_exit(); |
2152 | misc_deregister(misc: &zcrypt_misc_device); |
2153 | zcrypt_msgtype6_exit(); |
2154 | zcrypt_msgtype50_exit(); |
2155 | zcrypt_ccamisc_exit(); |
2156 | zcrypt_ep11misc_exit(); |
2157 | zcrypt_debug_exit(); |
2158 | } |
2159 | |
2160 | module_init(zcrypt_api_init); |
2161 | module_exit(zcrypt_api_exit); |
2162 | |