drivers/s390/crypto/pkey_api.c

   1 // SPDX-License-Identifier: GPL-2.0
   2 /*
   3  *  pkey device driver
   4  *
   5  *  Copyright IBM Corp. 2017,2019
   6  *  Author(s): Harald Freudenberger
   7  */
   8
   9 #define KMSG_COMPONENT "pkey"
  10 #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
  11
  12 #include <linux/fs.h>
  13 #include <linux/init.h>
  14 #include <linux/miscdevice.h>
  15 #include <linux/module.h>
  16 #include <linux/slab.h>
  17 #include <linux/kallsyms.h>
  18 #include <linux/debugfs.h>
  19 #include <linux/random.h>
  20 #include <linux/cpufeature.h>
  21 #include <asm/zcrypt.h>
  22 #include <asm/cpacf.h>
  23 #include <asm/pkey.h>
  24 #include <crypto/aes.h>
  25
  26 #include "zcrypt_api.h"
  27 #include "zcrypt_ccamisc.h"
  28 #include "zcrypt_ep11misc.h"
  29
  30 MODULE_LICENSE("GPL");
  31 MODULE_AUTHOR("IBM Corporation");
  32 MODULE_DESCRIPTION("s390 protected key interface");
  33
  34 #define KEYBLOBBUFSIZE 8192     /* key buffer size used for internal processing */
  35 #define PROTKEYBLOBBUFSIZE 256  /* protected key buffer size used internal */
  36 #define MAXAPQNSINLIST 64       /* max 64 apqns within a apqn list */
  37
  38 /*
  39  * debug feature data and functions
  40  */
  41
  42 static debug_info_t *debug_info;
  43
  44 #define DEBUG_DBG(...)  debug_sprintf_event(debug_info, 6, ##__VA_ARGS__)
  45 #define DEBUG_INFO(...) debug_sprintf_event(debug_info, 5, ##__VA_ARGS__)
  46 #define DEBUG_WARN(...) debug_sprintf_event(debug_info, 4, ##__VA_ARGS__)
  47 #define DEBUG_ERR(...)  debug_sprintf_event(debug_info, 3, ##__VA_ARGS__)
  48
  49 static void __init pkey_debug_init(void)
  50 {
  51         /* 5 arguments per dbf entry (including the format string ptr) */
  52         debug_info = debug_register("pkey", 1, 1, 5 * sizeof(long));
  53         debug_register_view(debug_info, &debug_sprintf_view);
  54         debug_set_level(debug_info, 3);
  55 }
  56
  57 static void __exit pkey_debug_exit(void)
  58 {
  59         debug_unregister(debug_info);
  60 }
  61
  62 /* inside view of a protected key token (only type 0x00 version 0x01) */
  63 struct protaeskeytoken {
  64         u8  type;     /* 0x00 for PAES specific key tokens */
  65         u8  res0[3];
  66         u8  version;  /* should be 0x01 for protected AES key token */
  67         u8  res1[3];
  68         u32 keytype;  /* key type, one of the PKEY_KEYTYPE values */
  69         u32 len;      /* bytes actually stored in protkey[] */
  70         u8  protkey[MAXPROTKEYSIZE]; /* the protected key blob */
  71 } __packed;
  72
  73 /* inside view of a clear key token (type 0x00 version 0x02) */
  74 struct clearaeskeytoken {
  75         u8  type;        /* 0x00 for PAES specific key tokens */
  76         u8  res0[3];
  77         u8  version;     /* 0x02 for clear AES key token */
  78         u8  res1[3];
  79         u32 keytype;     /* key type, one of the PKEY_KEYTYPE values */
  80         u32 len;         /* bytes actually stored in clearkey[] */
  81         u8  clearkey[]; /* clear key value */
  82 } __packed;
  83
  84 /*
  85  * Create a protected key from a clear key value.
  86  */
  87 static int pkey_clr2protkey(u32 keytype,
  88                             const struct pkey_clrkey *clrkey,
  89                             struct pkey_protkey *protkey)
  90 {
  91         /* mask of available pckmo subfunctions */
  92         static cpacf_mask_t pckmo_functions;
  93
  94         long fc;
  95         int keysize;
  96         u8 paramblock[64];
  97
  98         switch (keytype) {
  99         case PKEY_KEYTYPE_AES_128:
 100                 keysize = 16;
 101                 fc = CPACF_PCKMO_ENC_AES_128_KEY;
 102                 break;
 103         case PKEY_KEYTYPE_AES_192:
 104                 keysize = 24;
 105                 fc = CPACF_PCKMO_ENC_AES_192_KEY;
 106                 break;
 107         case PKEY_KEYTYPE_AES_256:
 108                 keysize = 32;
 109                 fc = CPACF_PCKMO_ENC_AES_256_KEY;
 110                 break;
 111         default:
 112                 DEBUG_ERR("%s unknown/unsupported keytype %d\n",
 113                           __func__, keytype);
 114                 return -EINVAL;
 115         }
 116
 117         /* Did we already check for PCKMO ? */
 118         if (!pckmo_functions.bytes[0]) {
 119                 /* no, so check now */
 120                 if (!cpacf_query(CPACF_PCKMO, &pckmo_functions))
 121                         return -ENODEV;
 122         }
 123         /* check for the pckmo subfunction we need now */
 124         if (!cpacf_test_func(&pckmo_functions, fc)) {
 125                 DEBUG_ERR("%s pckmo functions not available\n", __func__);
 126                 return -ENODEV;
 127         }
 128
 129         /* prepare param block */
 130         memset(paramblock, 0, sizeof(paramblock));
 131         memcpy(paramblock, clrkey->clrkey, keysize);
 132
 133         /* call the pckmo instruction */
 134         cpacf_pckmo(fc, paramblock);
 135
 136         /* copy created protected key */
 137         protkey->type = keytype;
 138         protkey->len = keysize + 32;
 139         memcpy(protkey->protkey, paramblock, keysize + 32);
 140
 141         return 0;
 142 }
 143
 144 /*
 145  * Find card and transform secure key into protected key.
 146  */
 147 static int pkey_skey2pkey(const u8 *key, struct pkey_protkey *pkey)
 148 {
 149         int rc, verify;
 150         u16 cardnr, domain;
 151         struct keytoken_header *hdr = (struct keytoken_header *)key;
 152
 153         /*
 154          * The cca_xxx2protkey call may fail when a card has been
 155          * addressed where the master key was changed after last fetch
 156          * of the mkvp into the cache. Try 3 times: First witout verify
 157          * then with verify and last round with verify and old master
 158          * key verification pattern match not ignored.
 159          */
 160         for (verify = 0; verify < 3; verify++) {
 161                 rc = cca_findcard(key, &cardnr, &domain, verify);
 162                 if (rc < 0)
 163                         continue;
 164                 if (rc > 0 && verify < 2)
 165                         continue;
 166                 switch (hdr->version) {
 167                 case TOKVER_CCA_AES:
 168                         rc = cca_sec2protkey(cardnr, domain,
 169                                              key, pkey->protkey,
 170                                              &pkey->len, &pkey->type);
 171                         break;
 172                 case TOKVER_CCA_VLSC:
 173                         rc = cca_cipher2protkey(cardnr, domain,
 174                                                 key, pkey->protkey,
 175                                                 &pkey->len, &pkey->type);
 176                         break;
 177                 default:
 178                         return -EINVAL;
 179                 }
 180                 if (rc == 0)
 181                         break;
 182         }
 183
 184         if (rc)
 185                 DEBUG_DBG("%s failed rc=%d\n", __func__, rc);
 186
 187         return rc;
 188 }
 189
 190 /*
 191  * Construct EP11 key with given clear key value.
 192  */
 193 static int pkey_clr2ep11key(const u8 *clrkey, size_t clrkeylen,
 194                             u8 *keybuf, size_t *keybuflen)
 195 {
 196         int i, rc;
 197         u16 card, dom;
 198         u32 nr_apqns, *apqns = NULL;
 199
 200         /* build a list of apqns suitable for ep11 keys with cpacf support */
 201         rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
 202                             ZCRYPT_CEX7, EP11_API_V, NULL);
 203         if (rc)
 204                 goto out;
 205
 206         /* go through the list of apqns and try to bild an ep11 key */
 207         for (rc = -ENODEV, i = 0; i < nr_apqns; i++) {
 208                 card = apqns[i] >> 16;
 209                 dom = apqns[i] & 0xFFFF;
 210                 rc = ep11_clr2keyblob(card, dom, clrkeylen * 8,
 211                                       0, clrkey, keybuf, keybuflen);
 212                 if (rc == 0)
 213                         break;
 214         }
 215
 216 out:
 217         kfree(apqns);
 218         if (rc)
 219                 DEBUG_DBG("%s failed rc=%d\n", __func__, rc);
 220         return rc;
 221 }
 222
 223 /*
 224  * Find card and transform EP11 secure key into protected key.
 225  */
 226 static int pkey_ep11key2pkey(const u8 *key, struct pkey_protkey *pkey)
 227 {
 228         int i, rc;
 229         u16 card, dom;
 230         u32 nr_apqns, *apqns = NULL;
 231         struct ep11keyblob *kb = (struct ep11keyblob *) key;
 232
 233         /* build a list of apqns suitable for this key */
 234         rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
 235                             ZCRYPT_CEX7, EP11_API_V, kb->wkvp);
 236         if (rc)
 237                 goto out;
 238
 239         /* go through the list of apqns and try to derive an pkey */
 240         for (rc = -ENODEV, i = 0; i < nr_apqns; i++) {
 241                 card = apqns[i] >> 16;
 242                 dom = apqns[i] & 0xFFFF;
 243                 pkey->len = sizeof(pkey->protkey);
 244                 rc = ep11_kblob2protkey(card, dom, key, kb->head.len,
 245                                         pkey->protkey, &pkey->len, &pkey->type);
 246                 if (rc == 0)
 247                         break;
 248         }
 249
 250 out:
 251         kfree(apqns);
 252         if (rc)
 253                 DEBUG_DBG("%s failed rc=%d\n", __func__, rc);
 254         return rc;
 255 }
 256
 257 /*
 258  * Verify key and give back some info about the key.
 259  */
 260 static int pkey_verifykey(const struct pkey_seckey *seckey,
 261                           u16 *pcardnr, u16 *pdomain,
 262                           u16 *pkeysize, u32 *pattributes)
 263 {
 264         struct secaeskeytoken *t = (struct secaeskeytoken *) seckey;
 265         u16 cardnr, domain;
 266         int rc;
 267
 268         /* check the secure key for valid AES secure key */
 269         rc = cca_check_secaeskeytoken(debug_info, 3, (u8 *) seckey, 0);
 270         if (rc)
 271                 goto out;
 272         if (pattributes)
 273                 *pattributes = PKEY_VERIFY_ATTR_AES;
 274         if (pkeysize)
 275                 *pkeysize = t->bitsize;
 276
 277         /* try to find a card which can handle this key */
 278         rc = cca_findcard(seckey->seckey, &cardnr, &domain, 1);
 279         if (rc < 0)
 280                 goto out;
 281
 282         if (rc > 0) {
 283                 /* key mkvp matches to old master key mkvp */
 284                 DEBUG_DBG("%s secure key has old mkvp\n", __func__);
 285                 if (pattributes)
 286                         *pattributes |= PKEY_VERIFY_ATTR_OLD_MKVP;
 287                 rc = 0;
 288         }
 289
 290         if (pcardnr)
 291                 *pcardnr = cardnr;
 292         if (pdomain)
 293                 *pdomain = domain;
 294
 295 out:
 296         DEBUG_DBG("%s rc=%d\n", __func__, rc);
 297         return rc;
 298 }
 299
 300 /*
 301  * Generate a random protected key
 302  */
 303 static int pkey_genprotkey(u32 keytype, struct pkey_protkey *protkey)
 304 {
 305         struct pkey_clrkey clrkey;
 306         int keysize;
 307         int rc;
 308
 309         switch (keytype) {
 310         case PKEY_KEYTYPE_AES_128:
 311                 keysize = 16;
 312                 break;
 313         case PKEY_KEYTYPE_AES_192:
 314                 keysize = 24;
 315                 break;
 316         case PKEY_KEYTYPE_AES_256:
 317                 keysize = 32;
 318                 break;
 319         default:
 320                 DEBUG_ERR("%s unknown/unsupported keytype %d\n", __func__,
 321                           keytype);
 322                 return -EINVAL;
 323         }
 324
 325         /* generate a dummy random clear key */
 326         get_random_bytes(clrkey.clrkey, keysize);
 327
 328         /* convert it to a dummy protected key */
 329         rc = pkey_clr2protkey(keytype, &clrkey, protkey);
 330         if (rc)
 331                 return rc;
 332
 333         /* replace the key part of the protected key with random bytes */
 334         get_random_bytes(protkey->protkey, keysize);
 335
 336         return 0;
 337 }
 338
 339 /*
 340  * Verify if a protected key is still valid
 341  */
 342 static int pkey_verifyprotkey(const struct pkey_protkey *protkey)
 343 {
 344         unsigned long fc;
 345         struct {
 346                 u8 iv[AES_BLOCK_SIZE];
 347                 u8 key[MAXPROTKEYSIZE];
 348         } param;
 349         u8 null_msg[AES_BLOCK_SIZE];
 350         u8 dest_buf[AES_BLOCK_SIZE];
 351         unsigned int k;
 352
 353         switch (protkey->type) {
 354         case PKEY_KEYTYPE_AES_128:
 355                 fc = CPACF_KMC_PAES_128;
 356                 break;
 357         case PKEY_KEYTYPE_AES_192:
 358                 fc = CPACF_KMC_PAES_192;
 359                 break;
 360         case PKEY_KEYTYPE_AES_256:
 361                 fc = CPACF_KMC_PAES_256;
 362                 break;
 363         default:
 364                 DEBUG_ERR("%s unknown/unsupported keytype %d\n", __func__,
 365                           protkey->type);
 366                 return -EINVAL;
 367         }
 368
 369         memset(null_msg, 0, sizeof(null_msg));
 370
 371         memset(param.iv, 0, sizeof(param.iv));
 372         memcpy(param.key, protkey->protkey, sizeof(param.key));
 373
 374         k = cpacf_kmc(fc | CPACF_ENCRYPT, &param, null_msg, dest_buf,
 375                       sizeof(null_msg));
 376         if (k != sizeof(null_msg)) {
 377                 DEBUG_ERR("%s protected key is not valid\n", __func__);
 378                 return -EKEYREJECTED;
 379         }
 380
 381         return 0;
 382 }
 383
 384 /*
 385  * Transform a non-CCA key token into a protected key
 386  */
 387 static int pkey_nonccatok2pkey(const u8 *key, u32 keylen,
 388                                struct pkey_protkey *protkey)
 389 {
 390         int rc = -EINVAL;
 391         u8 *tmpbuf = NULL;
 392         struct keytoken_header *hdr = (struct keytoken_header *)key;
 393
 394         switch (hdr->version) {
 395         case TOKVER_PROTECTED_KEY: {
 396                 struct protaeskeytoken *t;
 397
 398                 if (keylen != sizeof(struct protaeskeytoken))
 399                         goto out;
 400                 t = (struct protaeskeytoken *)key;
 401                 protkey->len = t->len;
 402                 protkey->type = t->keytype;
 403                 memcpy(protkey->protkey, t->protkey,
 404                        sizeof(protkey->protkey));
 405                 rc = pkey_verifyprotkey(protkey);
 406                 break;
 407         }
 408         case TOKVER_CLEAR_KEY: {
 409                 struct clearaeskeytoken *t;
 410                 struct pkey_clrkey ckey;
 411                 union u_tmpbuf {
 412                         u8 skey[SECKEYBLOBSIZE];
 413                         u8 ep11key[MAXEP11AESKEYBLOBSIZE];
 414                 };
 415                 size_t tmpbuflen = sizeof(union u_tmpbuf);
 416
 417                 if (keylen < sizeof(struct clearaeskeytoken))
 418                         goto out;
 419                 t = (struct clearaeskeytoken *)key;
 420                 if (keylen != sizeof(*t) + t->len)
 421                         goto out;
 422                 if ((t->keytype == PKEY_KEYTYPE_AES_128 && t->len == 16)
 423                     || (t->keytype == PKEY_KEYTYPE_AES_192 && t->len == 24)
 424                     || (t->keytype == PKEY_KEYTYPE_AES_256 && t->len == 32))
 425                         memcpy(ckey.clrkey, t->clearkey, t->len);
 426                 else
 427                         goto out;
 428                 /* alloc temp key buffer space */
 429                 tmpbuf = kmalloc(tmpbuflen, GFP_ATOMIC);
 430                 if (!tmpbuf) {
 431                         rc = -ENOMEM;
 432                         goto out;
 433                 }
 434                 /* try direct way with the PCKMO instruction */
 435                 rc = pkey_clr2protkey(t->keytype, &ckey, protkey);
 436                 if (rc == 0)
 437                         break;
 438                 /* PCKMO failed, so try the CCA secure key way */
 439                 rc = cca_clr2seckey(0xFFFF, 0xFFFF, t->keytype,
 440                                     ckey.clrkey, tmpbuf);
 441                 if (rc == 0)
 442                         rc = pkey_skey2pkey(tmpbuf, protkey);
 443                 if (rc == 0)
 444                         break;
 445                 /* if the CCA way also failed, let's try via EP11 */
 446                 rc = pkey_clr2ep11key(ckey.clrkey, t->len,
 447                                       tmpbuf, &tmpbuflen);
 448                 if (rc == 0)
 449                         rc = pkey_ep11key2pkey(tmpbuf, protkey);
 450                 /* now we should really have an protected key */
 451                 DEBUG_ERR("%s unable to build protected key from clear",
 452                           __func__);
 453                 break;
 454         }
 455         case TOKVER_EP11_AES: {
 456                 /* check ep11 key for exportable as protected key */
 457                 rc = ep11_check_aes_key(debug_info, 3, key, keylen, 1);
 458                 if (rc)
 459                         goto out;
 460                 rc = pkey_ep11key2pkey(key, protkey);
 461                 break;
 462         }
 463         case TOKVER_EP11_AES_WITH_HEADER:
 464                 /* check ep11 key with header for exportable as protected key */
 465                 rc = ep11_check_aes_key_with_hdr(debug_info, 3, key, keylen, 1);
 466                 if (rc)
 467                         goto out;
 468                 rc = pkey_ep11key2pkey(key + sizeof(struct ep11kblob_header),
 469                                        protkey);
 470                 break;
 471         default:
 472                 DEBUG_ERR("%s unknown/unsupported non-CCA token version %d\n",
 473                           __func__, hdr->version);
 474                 rc = -EINVAL;
 475         }
 476
 477 out:
 478         kfree(tmpbuf);
 479         return rc;
 480 }
 481
 482 /*
 483  * Transform a CCA internal key token into a protected key
 484  */
 485 static int pkey_ccainttok2pkey(const u8 *key, u32 keylen,
 486                                struct pkey_protkey *protkey)
 487 {
 488         struct keytoken_header *hdr = (struct keytoken_header *)key;
 489
 490         switch (hdr->version) {
 491         case TOKVER_CCA_AES:
 492                 if (keylen != sizeof(struct secaeskeytoken))
 493                         return -EINVAL;
 494                 break;
 495         case TOKVER_CCA_VLSC:
 496                 if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE)
 497                         return -EINVAL;
 498                 break;
 499         default:
 500                 DEBUG_ERR("%s unknown/unsupported CCA internal token version %d\n",
 501                           __func__, hdr->version);
 502                 return -EINVAL;
 503         }
 504
 505         return pkey_skey2pkey(key, protkey);
 506 }
 507
 508 /*
 509  * Transform a key blob (of any type) into a protected key
 510  */
 511 int pkey_keyblob2pkey(const u8 *key, u32 keylen,
 512                       struct pkey_protkey *protkey)
 513 {
 514         int rc;
 515         struct keytoken_header *hdr = (struct keytoken_header *)key;
 516
 517         if (keylen < sizeof(struct keytoken_header)) {
 518                 DEBUG_ERR("%s invalid keylen %d\n", __func__, keylen);
 519                 return -EINVAL;
 520         }
 521
 522         switch (hdr->type) {
 523         case TOKTYPE_NON_CCA:
 524                 rc = pkey_nonccatok2pkey(key, keylen, protkey);
 525                 break;
 526         case TOKTYPE_CCA_INTERNAL:
 527                 rc = pkey_ccainttok2pkey(key, keylen, protkey);
 528                 break;
 529         default:
 530                 DEBUG_ERR("%s unknown/unsupported blob type %d\n",
 531                           __func__, hdr->type);
 532                 return -EINVAL;
 533         }
 534
 535         DEBUG_DBG("%s rc=%d\n", __func__, rc);
 536         return rc;
 537
 538 }
 539 EXPORT_SYMBOL(pkey_keyblob2pkey);
 540
 541 static int pkey_genseckey2(const struct pkey_apqn *apqns, size_t nr_apqns,
 542                            enum pkey_key_type ktype, enum pkey_key_size ksize,
 543                            u32 kflags, u8 *keybuf, size_t *keybufsize)
 544 {
 545         int i, card, dom, rc;
 546
 547         /* check for at least one apqn given */
 548         if (!apqns || !nr_apqns)
 549                 return -EINVAL;
 550
 551         /* check key type and size */
 552         switch (ktype) {
 553         case PKEY_TYPE_CCA_DATA:
 554         case PKEY_TYPE_CCA_CIPHER:
 555                 if (*keybufsize < SECKEYBLOBSIZE)
 556                         return -EINVAL;
 557                 break;
 558         case PKEY_TYPE_EP11:
 559                 if (*keybufsize < MINEP11AESKEYBLOBSIZE)
 560                         return -EINVAL;
 561                 break;
 562         default:
 563                 return -EINVAL;
 564         }
 565         switch (ksize) {
 566         case PKEY_SIZE_AES_128:
 567         case PKEY_SIZE_AES_192:
 568         case PKEY_SIZE_AES_256:
 569                 break;
 570         default:
 571                 return -EINVAL;
 572         }
 573
 574         /* simple try all apqns from the list */
 575         for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
 576                 card = apqns[i].card;
 577                 dom = apqns[i].domain;
 578                 if (ktype == PKEY_TYPE_EP11) {
 579                         rc = ep11_genaeskey(card, dom, ksize, kflags,
 580                                             keybuf, keybufsize);
 581                 } else if (ktype == PKEY_TYPE_CCA_DATA) {
 582                         rc = cca_genseckey(card, dom, ksize, keybuf);
 583                         *keybufsize = (rc ? 0 : SECKEYBLOBSIZE);
 584                 } else /* TOKVER_CCA_VLSC */
 585                         rc = cca_gencipherkey(card, dom, ksize, kflags,
 586                                               keybuf, keybufsize);
 587                 if (rc == 0)
 588                         break;
 589         }
 590
 591         return rc;
 592 }
 593
 594 static int pkey_clr2seckey2(const struct pkey_apqn *apqns, size_t nr_apqns,
 595                             enum pkey_key_type ktype, enum pkey_key_size ksize,
 596                             u32 kflags, const u8 *clrkey,
 597                             u8 *keybuf, size_t *keybufsize)
 598 {
 599         int i, card, dom, rc;
 600
 601         /* check for at least one apqn given */
 602         if (!apqns || !nr_apqns)
 603                 return -EINVAL;
 604
 605         /* check key type and size */
 606         switch (ktype) {
 607         case PKEY_TYPE_CCA_DATA:
 608         case PKEY_TYPE_CCA_CIPHER:
 609                 if (*keybufsize < SECKEYBLOBSIZE)
 610                         return -EINVAL;
 611                 break;
 612         case PKEY_TYPE_EP11:
 613                 if (*keybufsize < MINEP11AESKEYBLOBSIZE)
 614                         return -EINVAL;
 615                 break;
 616         default:
 617                 return -EINVAL;
 618         }
 619         switch (ksize) {
 620         case PKEY_SIZE_AES_128:
 621         case PKEY_SIZE_AES_192:
 622         case PKEY_SIZE_AES_256:
 623                 break;
 624         default:
 625                 return -EINVAL;
 626         }
 627
 628         /* simple try all apqns from the list */
 629         for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
 630                 card = apqns[i].card;
 631                 dom = apqns[i].domain;
 632                 if (ktype == PKEY_TYPE_EP11) {
 633                         rc = ep11_clr2keyblob(card, dom, ksize, kflags,
 634                                               clrkey, keybuf, keybufsize);
 635                 } else if (ktype == PKEY_TYPE_CCA_DATA) {
 636                         rc = cca_clr2seckey(card, dom, ksize,
 637                                             clrkey, keybuf);
 638                         *keybufsize = (rc ? 0 : SECKEYBLOBSIZE);
 639                 } else /* TOKVER_CCA_VLSC */
 640                         rc = cca_clr2cipherkey(card, dom, ksize, kflags,
 641                                                clrkey, keybuf, keybufsize);
 642                 if (rc == 0)
 643                         break;
 644         }
 645
 646         return rc;
 647 }
 648
 649 static int pkey_verifykey2(const u8 *key, size_t keylen,
 650                            u16 *cardnr, u16 *domain,
 651                            enum pkey_key_type *ktype,
 652                            enum pkey_key_size *ksize, u32 *flags)
 653 {
 654         int rc;
 655         u32 _nr_apqns, *_apqns = NULL;
 656         struct keytoken_header *hdr = (struct keytoken_header *)key;
 657
 658         if (keylen < sizeof(struct keytoken_header))
 659                 return -EINVAL;
 660
 661         if (hdr->type == TOKTYPE_CCA_INTERNAL
 662             && hdr->version == TOKVER_CCA_AES) {
 663                 struct secaeskeytoken *t = (struct secaeskeytoken *)key;
 664
 665                 rc = cca_check_secaeskeytoken(debug_info, 3, key, 0);
 666                 if (rc)
 667                         goto out;
 668                 if (ktype)
 669                         *ktype = PKEY_TYPE_CCA_DATA;
 670                 if (ksize)
 671                         *ksize = (enum pkey_key_size) t->bitsize;
 672
 673                 rc = cca_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain,
 674                                    ZCRYPT_CEX3C, AES_MK_SET, t->mkvp, 0, 1);
 675                 if (rc == 0 && flags)
 676                         *flags = PKEY_FLAGS_MATCH_CUR_MKVP;
 677                 if (rc == -ENODEV) {
 678                         rc = cca_findcard2(&_apqns, &_nr_apqns,
 679                                            *cardnr, *domain,
 680                                            ZCRYPT_CEX3C, AES_MK_SET,
 681                                            0, t->mkvp, 1);
 682                         if (rc == 0 && flags)
 683                                 *flags = PKEY_FLAGS_MATCH_ALT_MKVP;
 684                 }
 685                 if (rc)
 686                         goto out;
 687
 688                 *cardnr = ((struct pkey_apqn *)_apqns)->card;
 689                 *domain = ((struct pkey_apqn *)_apqns)->domain;
 690
 691         } else if (hdr->type == TOKTYPE_CCA_INTERNAL
 692                    && hdr->version == TOKVER_CCA_VLSC) {
 693                 struct cipherkeytoken *t = (struct cipherkeytoken *)key;
 694
 695                 rc = cca_check_secaescipherkey(debug_info, 3, key, 0, 1);
 696                 if (rc)
 697                         goto out;
 698                 if (ktype)
 699                         *ktype = PKEY_TYPE_CCA_CIPHER;
 700                 if (ksize) {
 701                         *ksize = PKEY_SIZE_UNKNOWN;
 702                         if (!t->plfver && t->wpllen == 512)
 703                                 *ksize = PKEY_SIZE_AES_128;
 704                         else if (!t->plfver && t->wpllen == 576)
 705                                 *ksize = PKEY_SIZE_AES_192;
 706                         else if (!t->plfver && t->wpllen == 640)
 707                                 *ksize = PKEY_SIZE_AES_256;
 708                 }
 709
 710                 rc = cca_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain,
 711                                    ZCRYPT_CEX6, AES_MK_SET, t->mkvp0, 0, 1);
 712                 if (rc == 0 && flags)
 713                         *flags = PKEY_FLAGS_MATCH_CUR_MKVP;
 714                 if (rc == -ENODEV) {
 715                         rc = cca_findcard2(&_apqns, &_nr_apqns,
 716                                            *cardnr, *domain,
 717                                            ZCRYPT_CEX6, AES_MK_SET,
 718                                            0, t->mkvp0, 1);
 719                         if (rc == 0 && flags)
 720                                 *flags = PKEY_FLAGS_MATCH_ALT_MKVP;
 721                 }
 722                 if (rc)
 723                         goto out;
 724
 725                 *cardnr = ((struct pkey_apqn *)_apqns)->card;
 726                 *domain = ((struct pkey_apqn *)_apqns)->domain;
 727
 728         } else if (hdr->type == TOKTYPE_NON_CCA
 729                    && hdr->version == TOKVER_EP11_AES) {
 730                 struct ep11keyblob *kb = (struct ep11keyblob *)key;
 731
 732                 rc = ep11_check_aes_key(debug_info, 3, key, keylen, 1);
 733                 if (rc)
 734                         goto out;
 735                 if (ktype)
 736                         *ktype = PKEY_TYPE_EP11;
 737                 if (ksize)
 738                         *ksize = kb->head.keybitlen;
 739
 740                 rc = ep11_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain,
 741                                     ZCRYPT_CEX7, EP11_API_V, kb->wkvp);
 742                 if (rc)
 743                         goto out;
 744
 745                 if (flags)
 746                         *flags = PKEY_FLAGS_MATCH_CUR_MKVP;
 747
 748                 *cardnr = ((struct pkey_apqn *)_apqns)->card;
 749                 *domain = ((struct pkey_apqn *)_apqns)->domain;
 750
 751         } else
 752                 rc = -EINVAL;
 753
 754 out:
 755         kfree(_apqns);
 756         return rc;
 757 }
 758
 759 static int pkey_keyblob2pkey2(const struct pkey_apqn *apqns, size_t nr_apqns,
 760                               const u8 *key, size_t keylen,
 761                               struct pkey_protkey *pkey)
 762 {
 763         int i, card, dom, rc;
 764         struct keytoken_header *hdr = (struct keytoken_header *)key;
 765
 766         /* check for at least one apqn given */
 767         if (!apqns || !nr_apqns)
 768                 return -EINVAL;
 769
 770         if (keylen < sizeof(struct keytoken_header))
 771                 return -EINVAL;
 772
 773         if (hdr->type == TOKTYPE_CCA_INTERNAL) {
 774                 if (hdr->version == TOKVER_CCA_AES) {
 775                         if (keylen != sizeof(struct secaeskeytoken))
 776                                 return -EINVAL;
 777                         if (cca_check_secaeskeytoken(debug_info, 3, key, 0))
 778                                 return -EINVAL;
 779                 } else if (hdr->version == TOKVER_CCA_VLSC) {
 780                         if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE)
 781                                 return -EINVAL;
 782                         if (cca_check_secaescipherkey(debug_info, 3, key, 0, 1))
 783                                 return -EINVAL;
 784                 } else {
 785                         DEBUG_ERR("%s unknown CCA internal token version %d\n",
 786                                   __func__, hdr->version);
 787                         return -EINVAL;
 788                 }
 789         } else if (hdr->type == TOKTYPE_NON_CCA) {
 790                 if (hdr->version == TOKVER_EP11_AES) {
 791                         if (keylen < sizeof(struct ep11keyblob))
 792                                 return -EINVAL;
 793                         if (ep11_check_aes_key(debug_info, 3, key, keylen, 1))
 794                                 return -EINVAL;
 795                 } else {
 796                         return pkey_nonccatok2pkey(key, keylen, pkey);
 797                 }
 798         } else {
 799                 DEBUG_ERR("%s unknown/unsupported blob type %d\n",
 800                           __func__, hdr->type);
 801                 return -EINVAL;
 802         }
 803
 804         /* simple try all apqns from the list */
 805         for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
 806                 card = apqns[i].card;
 807                 dom = apqns[i].domain;
 808                 if (hdr->type == TOKTYPE_CCA_INTERNAL
 809                     && hdr->version == TOKVER_CCA_AES)
 810                         rc = cca_sec2protkey(card, dom, key, pkey->protkey,
 811                                              &pkey->len, &pkey->type);
 812                 else if (hdr->type == TOKTYPE_CCA_INTERNAL
 813                          && hdr->version == TOKVER_CCA_VLSC)
 814                         rc = cca_cipher2protkey(card, dom, key, pkey->protkey,
 815                                                 &pkey->len, &pkey->type);
 816                 else { /* EP11 AES secure key blob */
 817                         struct ep11keyblob *kb = (struct ep11keyblob *) key;
 818
 819                         pkey->len = sizeof(pkey->protkey);
 820                         rc = ep11_kblob2protkey(card, dom, key, kb->head.len,
 821                                                 pkey->protkey, &pkey->len,
 822                                                 &pkey->type);
 823                 }
 824                 if (rc == 0)
 825                         break;
 826         }
 827
 828         return rc;
 829 }
 830
 831 static int pkey_apqns4key(const u8 *key, size_t keylen, u32 flags,
 832                           struct pkey_apqn *apqns, size_t *nr_apqns)
 833 {
 834         int rc;
 835         u32 _nr_apqns, *_apqns = NULL;
 836         struct keytoken_header *hdr = (struct keytoken_header *)key;
 837
 838         if (keylen < sizeof(struct keytoken_header) || flags == 0)
 839                 return -EINVAL;
 840
 841         if (hdr->type == TOKTYPE_NON_CCA
 842             && (hdr->version == TOKVER_EP11_AES_WITH_HEADER
 843                 || hdr->version == TOKVER_EP11_ECC_WITH_HEADER)
 844             && is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) {
 845                 int minhwtype = 0, api = 0;
 846                 struct ep11keyblob *kb = (struct ep11keyblob *)
 847                         (key + sizeof(struct ep11kblob_header));
 848
 849                 if (flags != PKEY_FLAGS_MATCH_CUR_MKVP)
 850                         return -EINVAL;
 851                 if (kb->attr & EP11_BLOB_PKEY_EXTRACTABLE) {
 852                         minhwtype = ZCRYPT_CEX7;
 853                         api = EP11_API_V;
 854                 }
 855                 rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 856                                     minhwtype, api, kb->wkvp);
 857                 if (rc)
 858                         goto out;
 859         } else if (hdr->type == TOKTYPE_NON_CCA
 860                    && hdr->version == TOKVER_EP11_AES
 861                    && is_ep11_keyblob(key)) {
 862                 int minhwtype = 0, api = 0;
 863                 struct ep11keyblob *kb = (struct ep11keyblob *) key;
 864
 865                 if (flags != PKEY_FLAGS_MATCH_CUR_MKVP)
 866                         return -EINVAL;
 867                 if (kb->attr & EP11_BLOB_PKEY_EXTRACTABLE) {
 868                         minhwtype = ZCRYPT_CEX7;
 869                         api = EP11_API_V;
 870                 }
 871                 rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 872                                     minhwtype, api, kb->wkvp);
 873                 if (rc)
 874                         goto out;
 875         } else if (hdr->type == TOKTYPE_CCA_INTERNAL) {
 876                 int minhwtype = ZCRYPT_CEX3C;
 877                 u64 cur_mkvp = 0, old_mkvp = 0;
 878
 879                 if (hdr->version == TOKVER_CCA_AES) {
 880                         struct secaeskeytoken *t = (struct secaeskeytoken *)key;
 881
 882                         if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
 883                                 cur_mkvp = t->mkvp;
 884                         if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
 885                                 old_mkvp = t->mkvp;
 886                 } else if (hdr->version == TOKVER_CCA_VLSC) {
 887                         struct cipherkeytoken *t = (struct cipherkeytoken *)key;
 888
 889                         minhwtype = ZCRYPT_CEX6;
 890                         if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
 891                                 cur_mkvp = t->mkvp0;
 892                         if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
 893                                 old_mkvp = t->mkvp0;
 894                 } else {
 895                         /* unknown cca internal token type */
 896                         return -EINVAL;
 897                 }
 898                 rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 899                                    minhwtype, AES_MK_SET,
 900                                    cur_mkvp, old_mkvp, 1);
 901                 if (rc)
 902                         goto out;
 903         } else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA) {
 904                 u64 cur_mkvp = 0, old_mkvp = 0;
 905                 struct eccprivkeytoken *t = (struct eccprivkeytoken *)key;
 906
 907                 if (t->secid == 0x20) {
 908                         if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
 909                                 cur_mkvp = t->mkvp;
 910                         if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
 911                                 old_mkvp = t->mkvp;
 912                 } else {
 913                         /* unknown cca internal 2 token type */
 914                         return -EINVAL;
 915                 }
 916                 rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 917                                    ZCRYPT_CEX7, APKA_MK_SET,
 918                                    cur_mkvp, old_mkvp, 1);
 919                 if (rc)
 920                         goto out;
 921         } else
 922                 return -EINVAL;
 923
 924         if (apqns) {
 925                 if (*nr_apqns < _nr_apqns)
 926                         rc = -ENOSPC;
 927                 else
 928                         memcpy(apqns, _apqns, _nr_apqns * sizeof(u32));
 929         }
 930         *nr_apqns = _nr_apqns;
 931
 932 out:
 933         kfree(_apqns);
 934         return rc;
 935 }
 936
 937 static int pkey_apqns4keytype(enum pkey_key_type ktype,
 938                               u8 cur_mkvp[32], u8 alt_mkvp[32], u32 flags,
 939                               struct pkey_apqn *apqns, size_t *nr_apqns)
 940 {
 941         int rc;
 942         u32 _nr_apqns, *_apqns = NULL;
 943
 944         if (ktype == PKEY_TYPE_CCA_DATA || ktype == PKEY_TYPE_CCA_CIPHER) {
 945                 u64 cur_mkvp = 0, old_mkvp = 0;
 946                 int minhwtype = ZCRYPT_CEX3C;
 947
 948                 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
 949                         cur_mkvp = *((u64 *) cur_mkvp);
 950                 if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
 951                         old_mkvp = *((u64 *) alt_mkvp);
 952                 if (ktype == PKEY_TYPE_CCA_CIPHER)
 953                         minhwtype = ZCRYPT_CEX6;
 954                 rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 955                                    minhwtype, AES_MK_SET,
 956                                    cur_mkvp, old_mkvp, 1);
 957                 if (rc)
 958                         goto out;
 959         } else if (ktype == PKEY_TYPE_CCA_ECC) {
 960                 u64 cur_mkvp = 0, old_mkvp = 0;
 961
 962                 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
 963                         cur_mkvp = *((u64 *) cur_mkvp);
 964                 if (flags & PKEY_FLAGS_MATCH_ALT_MKVP)
 965                         old_mkvp = *((u64 *) alt_mkvp);
 966                 rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 967                                    ZCRYPT_CEX7, APKA_MK_SET,
 968                                    cur_mkvp, old_mkvp, 1);
 969                 if (rc)
 970                         goto out;
 971
 972         } else if (ktype == PKEY_TYPE_EP11 ||
 973                    ktype == PKEY_TYPE_EP11_AES ||
 974                    ktype == PKEY_TYPE_EP11_ECC) {
 975                 u8 *wkvp = NULL;
 976
 977                 if (flags & PKEY_FLAGS_MATCH_CUR_MKVP)
 978                         wkvp = cur_mkvp;
 979                 rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF,
 980                                     ZCRYPT_CEX7, EP11_API_V, wkvp);
 981                 if (rc)
 982                         goto out;
 983
 984         } else
 985                 return -EINVAL;
 986
 987         if (apqns) {
 988                 if (*nr_apqns < _nr_apqns)
 989                         rc = -ENOSPC;
 990                 else
 991                         memcpy(apqns, _apqns, _nr_apqns * sizeof(u32));
 992         }
 993         *nr_apqns = _nr_apqns;
 994
 995 out:
 996         kfree(_apqns);
 997         return rc;
 998 }
 999
1000 static int pkey_keyblob2pkey3(const struct pkey_apqn *apqns, size_t nr_apqns,
1001                               const u8 *key, size_t keylen, u32 *protkeytype,
1002                               u8 *protkey, u32 *protkeylen)
1003 {
1004         int i, card, dom, rc;
1005         struct keytoken_header *hdr = (struct keytoken_header *)key;
1006
1007         /* check for at least one apqn given */
1008         if (!apqns || !nr_apqns)
1009                 return -EINVAL;
1010
1011         if (keylen < sizeof(struct keytoken_header))
1012                 return -EINVAL;
1013
1014         if (hdr->type == TOKTYPE_NON_CCA
1015             && hdr->version == TOKVER_EP11_AES_WITH_HEADER
1016             && is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) {
1017                 /* EP11 AES key blob with header */
1018                 if (ep11_check_aes_key_with_hdr(debug_info, 3, key, keylen, 1))
1019                         return -EINVAL;
1020         } else if (hdr->type == TOKTYPE_NON_CCA
1021                    && hdr->version == TOKVER_EP11_ECC_WITH_HEADER
1022                    && is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) {
1023                 /* EP11 ECC key blob with header */
1024                 if (ep11_check_ecc_key_with_hdr(debug_info, 3, key, keylen, 1))
1025                         return -EINVAL;
1026         } else if (hdr->type == TOKTYPE_NON_CCA
1027                    && hdr->version == TOKVER_EP11_AES
1028                    && is_ep11_keyblob(key)) {
1029                 /* EP11 AES key blob with header in session field */
1030                 if (ep11_check_aes_key(debug_info, 3, key, keylen, 1))
1031                         return -EINVAL;
1032         } else  if (hdr->type == TOKTYPE_CCA_INTERNAL) {
1033                 if (hdr->version == TOKVER_CCA_AES) {
1034                         /* CCA AES data key */
1035                         if (keylen != sizeof(struct secaeskeytoken))
1036                                 return -EINVAL;
1037                         if (cca_check_secaeskeytoken(debug_info, 3, key, 0))
1038                                 return -EINVAL;
1039                 } else if (hdr->version == TOKVER_CCA_VLSC) {
1040                         /* CCA AES cipher key */
1041                         if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE)
1042                                 return -EINVAL;
1043                         if (cca_check_secaescipherkey(debug_info, 3, key, 0, 1))
1044                                 return -EINVAL;
1045                 } else {
1046                         DEBUG_ERR("%s unknown CCA internal token version %d\n",
1047                                   __func__, hdr->version);
1048                         return -EINVAL;
1049                 }
1050         } else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA) {
1051                 /* CCA ECC (private) key */
1052                 if (keylen < sizeof(struct eccprivkeytoken))
1053                         return -EINVAL;
1054                 if (cca_check_sececckeytoken(debug_info, 3, key, keylen, 1))
1055                         return -EINVAL;
1056         } else if (hdr->type == TOKTYPE_NON_CCA) {
1057                 struct pkey_protkey pkey;
1058
1059                 rc = pkey_nonccatok2pkey(key, keylen, &pkey);
1060                 if (rc)
1061                         return rc;
1062                 memcpy(protkey, pkey.protkey, pkey.len);
1063                 *protkeylen = pkey.len;
1064                 *protkeytype = pkey.type;
1065                 return 0;
1066         } else {
1067                 DEBUG_ERR("%s unknown/unsupported blob type %d\n",
1068                           __func__, hdr->type);
1069                 return -EINVAL;
1070         }
1071
1072         /* simple try all apqns from the list */
1073         for (rc = -ENODEV, i = 0; rc && i < nr_apqns; i++) {
1074                 card = apqns[i].card;
1075                 dom = apqns[i].domain;
1076                 if (hdr->type == TOKTYPE_NON_CCA
1077                     && (hdr->version == TOKVER_EP11_AES_WITH_HEADER
1078                         || hdr->version == TOKVER_EP11_ECC_WITH_HEADER)
1079                     && is_ep11_keyblob(key + sizeof(struct ep11kblob_header)))
1080                         rc = ep11_kblob2protkey(card, dom, key, hdr->len,
1081                                                 protkey, protkeylen, protkeytype);
1082                 else if (hdr->type == TOKTYPE_NON_CCA
1083                          && hdr->version == TOKVER_EP11_AES
1084                          && is_ep11_keyblob(key))
1085                         rc = ep11_kblob2protkey(card, dom, key, hdr->len,
1086                                                 protkey, protkeylen, protkeytype);
1087                 else if (hdr->type == TOKTYPE_CCA_INTERNAL &&
1088                          hdr->version == TOKVER_CCA_AES)
1089                         rc = cca_sec2protkey(card, dom, key, protkey,
1090                                              protkeylen, protkeytype);
1091                 else if (hdr->type == TOKTYPE_CCA_INTERNAL &&
1092                          hdr->version == TOKVER_CCA_VLSC)
1093                         rc = cca_cipher2protkey(card, dom, key, protkey,
1094                                                 protkeylen, protkeytype);
1095                 else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA)
1096                         rc = cca_ecc2protkey(card, dom, key, protkey,
1097                                              protkeylen, protkeytype);
1098                 else
1099                         return -EINVAL;
1100         }
1101
1102         return rc;
1103 }
1104
1105 /*
1106  * File io functions
1107  */
1108
1109 static void *_copy_key_from_user(void __user *ukey, size_t keylen)
1110 {
1111         if (!ukey || keylen < MINKEYBLOBSIZE || keylen > KEYBLOBBUFSIZE)
1112                 return ERR_PTR(-EINVAL);
1113
1114         return memdup_user(ukey, keylen);
1115 }
1116
1117 static void *_copy_apqns_from_user(void __user *uapqns, size_t nr_apqns)
1118 {
1119         if (!uapqns || nr_apqns == 0)
1120                 return NULL;
1121
1122         return memdup_user(uapqns, nr_apqns * sizeof(struct pkey_apqn));
1123 }
1124
1125 static long pkey_unlocked_ioctl(struct file *filp, unsigned int cmd,
1126                                 unsigned long arg)
1127 {
1128         int rc;
1129
1130         switch (cmd) {
1131         case PKEY_GENSECK: {
1132                 struct pkey_genseck __user *ugs = (void __user *) arg;
1133                 struct pkey_genseck kgs;
1134
1135                 if (copy_from_user(&kgs, ugs, sizeof(kgs)))
1136                         return -EFAULT;
1137                 rc = cca_genseckey(kgs.cardnr, kgs.domain,
1138                                    kgs.keytype, kgs.seckey.seckey);
1139                 DEBUG_DBG("%s cca_genseckey()=%d\n", __func__, rc);
1140                 if (rc)
1141                         break;
1142                 if (copy_to_user(ugs, &kgs, sizeof(kgs)))
1143                         return -EFAULT;
1144                 break;
1145         }
1146         case PKEY_CLR2SECK: {
1147                 struct pkey_clr2seck __user *ucs = (void __user *) arg;
1148                 struct pkey_clr2seck kcs;
1149
1150                 if (copy_from_user(&kcs, ucs, sizeof(kcs)))
1151                         return -EFAULT;
1152                 rc = cca_clr2seckey(kcs.cardnr, kcs.domain, kcs.keytype,
1153                                     kcs.clrkey.clrkey, kcs.seckey.seckey);
1154                 DEBUG_DBG("%s cca_clr2seckey()=%d\n", __func__, rc);
1155                 if (rc)
1156                         break;
1157                 if (copy_to_user(ucs, &kcs, sizeof(kcs)))
1158                         return -EFAULT;
1159                 memzero_explicit(&kcs, sizeof(kcs));
1160                 break;
1161         }
1162         case PKEY_SEC2PROTK: {
1163                 struct pkey_sec2protk __user *usp = (void __user *) arg;
1164                 struct pkey_sec2protk ksp;
1165
1166                 if (copy_from_user(&ksp, usp, sizeof(ksp)))
1167                         return -EFAULT;
1168                 rc = cca_sec2protkey(ksp.cardnr, ksp.domain,
1169                                      ksp.seckey.seckey, ksp.protkey.protkey,
1170                                      &ksp.protkey.len, &ksp.protkey.type);
1171                 DEBUG_DBG("%s cca_sec2protkey()=%d\n", __func__, rc);
1172                 if (rc)
1173                         break;
1174                 if (copy_to_user(usp, &ksp, sizeof(ksp)))
1175                         return -EFAULT;
1176                 break;
1177         }
1178         case PKEY_CLR2PROTK: {
1179                 struct pkey_clr2protk __user *ucp = (void __user *) arg;
1180                 struct pkey_clr2protk kcp;
1181
1182                 if (copy_from_user(&kcp, ucp, sizeof(kcp)))
1183                         return -EFAULT;
1184                 rc = pkey_clr2protkey(kcp.keytype,
1185                                       &kcp.clrkey, &kcp.protkey);
1186                 DEBUG_DBG("%s pkey_clr2protkey()=%d\n", __func__, rc);
1187                 if (rc)
1188                         break;
1189                 if (copy_to_user(ucp, &kcp, sizeof(kcp)))
1190                         return -EFAULT;
1191                 memzero_explicit(&kcp, sizeof(kcp));
1192                 break;
1193         }
1194         case PKEY_FINDCARD: {
1195                 struct pkey_findcard __user *ufc = (void __user *) arg;
1196                 struct pkey_findcard kfc;
1197
1198                 if (copy_from_user(&kfc, ufc, sizeof(kfc)))
1199                         return -EFAULT;
1200                 rc = cca_findcard(kfc.seckey.seckey,
1201                                   &kfc.cardnr, &kfc.domain, 1);
1202                 DEBUG_DBG("%s cca_findcard()=%d\n", __func__, rc);
1203                 if (rc < 0)
1204                         break;
1205                 if (copy_to_user(ufc, &kfc, sizeof(kfc)))
1206                         return -EFAULT;
1207                 break;
1208         }
1209         case PKEY_SKEY2PKEY: {
1210                 struct pkey_skey2pkey __user *usp = (void __user *) arg;
1211                 struct pkey_skey2pkey ksp;
1212
1213                 if (copy_from_user(&ksp, usp, sizeof(ksp)))
1214                         return -EFAULT;
1215                 rc = pkey_skey2pkey(ksp.seckey.seckey, &ksp.protkey);
1216                 DEBUG_DBG("%s pkey_skey2pkey()=%d\n", __func__, rc);
1217                 if (rc)
1218                         break;
1219                 if (copy_to_user(usp, &ksp, sizeof(ksp)))
1220                         return -EFAULT;
1221                 break;
1222         }
1223         case PKEY_VERIFYKEY: {
1224                 struct pkey_verifykey __user *uvk = (void __user *) arg;
1225                 struct pkey_verifykey kvk;
1226
1227                 if (copy_from_user(&kvk, uvk, sizeof(kvk)))
1228                         return -EFAULT;
1229                 rc = pkey_verifykey(&kvk.seckey, &kvk.cardnr, &kvk.domain,
1230                                     &kvk.keysize, &kvk.attributes);
1231                 DEBUG_DBG("%s pkey_verifykey()=%d\n", __func__, rc);
1232                 if (rc)
1233                         break;
1234                 if (copy_to_user(uvk, &kvk, sizeof(kvk)))
1235                         return -EFAULT;
1236                 break;
1237         }
1238         case PKEY_GENPROTK: {
1239                 struct pkey_genprotk __user *ugp = (void __user *) arg;
1240                 struct pkey_genprotk kgp;
1241
1242                 if (copy_from_user(&kgp, ugp, sizeof(kgp)))
1243                         return -EFAULT;
1244                 rc = pkey_genprotkey(kgp.keytype, &kgp.protkey);
1245                 DEBUG_DBG("%s pkey_genprotkey()=%d\n", __func__, rc);
1246                 if (rc)
1247                         break;
1248                 if (copy_to_user(ugp, &kgp, sizeof(kgp)))
1249                         return -EFAULT;
1250                 break;
1251         }
1252         case PKEY_VERIFYPROTK: {
1253                 struct pkey_verifyprotk __user *uvp = (void __user *) arg;
1254                 struct pkey_verifyprotk kvp;
1255
1256                 if (copy_from_user(&kvp, uvp, sizeof(kvp)))
1257                         return -EFAULT;
1258                 rc = pkey_verifyprotkey(&kvp.protkey);
1259                 DEBUG_DBG("%s pkey_verifyprotkey()=%d\n", __func__, rc);
1260                 break;
1261         }
1262         case PKEY_KBLOB2PROTK: {
1263                 struct pkey_kblob2pkey __user *utp = (void __user *) arg;
1264                 struct pkey_kblob2pkey ktp;
1265                 u8 *kkey;
1266
1267                 if (copy_from_user(&ktp, utp, sizeof(ktp)))
1268                         return -EFAULT;
1269                 kkey = _copy_key_from_user(ktp.key, ktp.keylen);
1270                 if (IS_ERR(kkey))
1271                         return PTR_ERR(kkey);
1272                 rc = pkey_keyblob2pkey(kkey, ktp.keylen, &ktp.protkey);
1273                 DEBUG_DBG("%s pkey_keyblob2pkey()=%d\n", __func__, rc);
1274                 kfree(kkey);
1275                 if (rc)
1276                         break;
1277                 if (copy_to_user(utp, &ktp, sizeof(ktp)))
1278                         return -EFAULT;
1279                 break;
1280         }
1281         case PKEY_GENSECK2: {
1282                 struct pkey_genseck2 __user *ugs = (void __user *) arg;
1283                 struct pkey_genseck2 kgs;
1284                 struct pkey_apqn *apqns;
1285                 size_t klen = KEYBLOBBUFSIZE;
1286                 u8 *kkey;
1287
1288                 if (copy_from_user(&kgs, ugs, sizeof(kgs)))
1289                         return -EFAULT;
1290                 apqns = _copy_apqns_from_user(kgs.apqns, kgs.apqn_entries);
1291                 if (IS_ERR(apqns))
1292                         return PTR_ERR(apqns);
1293                 kkey = kmalloc(klen, GFP_KERNEL);
1294                 if (!kkey) {
1295                         kfree(apqns);
1296                         return -ENOMEM;
1297                 }
1298                 rc = pkey_genseckey2(apqns, kgs.apqn_entries,
1299                                      kgs.type, kgs.size, kgs.keygenflags,
1300                                      kkey, &klen);
1301                 DEBUG_DBG("%s pkey_genseckey2()=%d\n", __func__, rc);
1302                 kfree(apqns);
1303                 if (rc) {
1304                         kfree(kkey);
1305                         break;
1306                 }
1307                 if (kgs.key) {
1308                         if (kgs.keylen < klen) {
1309                                 kfree(kkey);
1310                                 return -EINVAL;
1311                         }
1312                         if (copy_to_user(kgs.key, kkey, klen)) {
1313                                 kfree(kkey);
1314                                 return -EFAULT;
1315                         }
1316                 }
1317                 kgs.keylen = klen;
1318                 if (copy_to_user(ugs, &kgs, sizeof(kgs)))
1319                         rc = -EFAULT;
1320                 kfree(kkey);
1321                 break;
1322         }
1323         case PKEY_CLR2SECK2: {
1324                 struct pkey_clr2seck2 __user *ucs = (void __user *) arg;
1325                 struct pkey_clr2seck2 kcs;
1326                 struct pkey_apqn *apqns;
1327                 size_t klen = KEYBLOBBUFSIZE;
1328                 u8 *kkey;
1329
1330                 if (copy_from_user(&kcs, ucs, sizeof(kcs)))
1331                         return -EFAULT;
1332                 apqns = _copy_apqns_from_user(kcs.apqns, kcs.apqn_entries);
1333                 if (IS_ERR(apqns))
1334                         return PTR_ERR(apqns);
1335                 kkey = kmalloc(klen, GFP_KERNEL);
1336                 if (!kkey) {
1337                         kfree(apqns);
1338                         return -ENOMEM;
1339                 }
1340                 rc = pkey_clr2seckey2(apqns, kcs.apqn_entries,
1341                                       kcs.type, kcs.size, kcs.keygenflags,
1342                                       kcs.clrkey.clrkey, kkey, &klen);
1343                 DEBUG_DBG("%s pkey_clr2seckey2()=%d\n", __func__, rc);
1344                 kfree(apqns);
1345                 if (rc) {
1346                         kfree(kkey);
1347                         break;
1348                 }
1349                 if (kcs.key) {
1350                         if (kcs.keylen < klen) {
1351                                 kfree(kkey);
1352                                 return -EINVAL;
1353                         }
1354                         if (copy_to_user(kcs.key, kkey, klen)) {
1355                                 kfree(kkey);
1356                                 return -EFAULT;
1357                         }
1358                 }
1359                 kcs.keylen = klen;
1360                 if (copy_to_user(ucs, &kcs, sizeof(kcs)))
1361                         rc = -EFAULT;
1362                 memzero_explicit(&kcs, sizeof(kcs));
1363                 kfree(kkey);
1364                 break;
1365         }
1366         case PKEY_VERIFYKEY2: {
1367                 struct pkey_verifykey2 __user *uvk = (void __user *) arg;
1368                 struct pkey_verifykey2 kvk;
1369                 u8 *kkey;
1370
1371                 if (copy_from_user(&kvk, uvk, sizeof(kvk)))
1372                         return -EFAULT;
1373                 kkey = _copy_key_from_user(kvk.key, kvk.keylen);
1374                 if (IS_ERR(kkey))
1375                         return PTR_ERR(kkey);
1376                 rc = pkey_verifykey2(kkey, kvk.keylen,
1377                                      &kvk.cardnr, &kvk.domain,
1378                                      &kvk.type, &kvk.size, &kvk.flags);
1379                 DEBUG_DBG("%s pkey_verifykey2()=%d\n", __func__, rc);
1380                 kfree(kkey);
1381                 if (rc)
1382                         break;
1383                 if (copy_to_user(uvk, &kvk, sizeof(kvk)))
1384                         return -EFAULT;
1385                 break;
1386         }
1387         case PKEY_KBLOB2PROTK2: {
1388                 struct pkey_kblob2pkey2 __user *utp = (void __user *) arg;
1389                 struct pkey_kblob2pkey2 ktp;
1390                 struct pkey_apqn *apqns = NULL;
1391                 u8 *kkey;
1392
1393                 if (copy_from_user(&ktp, utp, sizeof(ktp)))
1394                         return -EFAULT;
1395                 apqns = _copy_apqns_from_user(ktp.apqns, ktp.apqn_entries);
1396                 if (IS_ERR(apqns))
1397                         return PTR_ERR(apqns);
1398                 kkey = _copy_key_from_user(ktp.key, ktp.keylen);
1399                 if (IS_ERR(kkey)) {
1400                         kfree(apqns);
1401                         return PTR_ERR(kkey);
1402                 }
1403                 rc = pkey_keyblob2pkey2(apqns, ktp.apqn_entries,
1404                                         kkey, ktp.keylen, &ktp.protkey);
1405                 DEBUG_DBG("%s pkey_keyblob2pkey2()=%d\n", __func__, rc);
1406                 kfree(apqns);
1407                 kfree(kkey);
1408                 if (rc)
1409                         break;
1410                 if (copy_to_user(utp, &ktp, sizeof(ktp)))
1411                         return -EFAULT;
1412                 break;
1413         }
1414         case PKEY_APQNS4K: {
1415                 struct pkey_apqns4key __user *uak = (void __user *) arg;
1416                 struct pkey_apqns4key kak;
1417                 struct pkey_apqn *apqns = NULL;
1418                 size_t nr_apqns, len;
1419                 u8 *kkey;
1420
1421                 if (copy_from_user(&kak, uak, sizeof(kak)))
1422                         return -EFAULT;
1423                 nr_apqns = kak.apqn_entries;
1424                 if (nr_apqns) {
1425                         apqns = kmalloc_array(nr_apqns,
1426                                               sizeof(struct pkey_apqn),
1427                                               GFP_KERNEL);
1428                         if (!apqns)
1429                                 return -ENOMEM;
1430                 }
1431                 kkey = _copy_key_from_user(kak.key, kak.keylen);
1432                 if (IS_ERR(kkey)) {
1433                         kfree(apqns);
1434                         return PTR_ERR(kkey);
1435                 }
1436                 rc = pkey_apqns4key(kkey, kak.keylen, kak.flags,
1437                                     apqns, &nr_apqns);
1438                 DEBUG_DBG("%s pkey_apqns4key()=%d\n", __func__, rc);
1439                 kfree(kkey);
1440                 if (rc && rc != -ENOSPC) {
1441                         kfree(apqns);
1442                         break;
1443                 }
1444                 if (!rc && kak.apqns) {
1445                         if (nr_apqns > kak.apqn_entries) {
1446                                 kfree(apqns);
1447                                 return -EINVAL;
1448                         }
1449                         len = nr_apqns * sizeof(struct pkey_apqn);
1450                         if (len) {
1451                                 if (copy_to_user(kak.apqns, apqns, len)) {
1452                                         kfree(apqns);
1453                                         return -EFAULT;
1454                                 }
1455                         }
1456                 }
1457                 kak.apqn_entries = nr_apqns;
1458                 if (copy_to_user(uak, &kak, sizeof(kak)))
1459                         rc = -EFAULT;
1460                 kfree(apqns);
1461                 break;
1462         }
1463         case PKEY_APQNS4KT: {
1464                 struct pkey_apqns4keytype __user *uat = (void __user *) arg;
1465                 struct pkey_apqns4keytype kat;
1466                 struct pkey_apqn *apqns = NULL;
1467                 size_t nr_apqns, len;
1468
1469                 if (copy_from_user(&kat, uat, sizeof(kat)))
1470                         return -EFAULT;
1471                 nr_apqns = kat.apqn_entries;
1472                 if (nr_apqns) {
1473                         apqns = kmalloc_array(nr_apqns,
1474                                               sizeof(struct pkey_apqn),
1475                                               GFP_KERNEL);
1476                         if (!apqns)
1477                                 return -ENOMEM;
1478                 }
1479                 rc = pkey_apqns4keytype(kat.type, kat.cur_mkvp, kat.alt_mkvp,
1480                                         kat.flags, apqns, &nr_apqns);
1481                 DEBUG_DBG("%s pkey_apqns4keytype()=%d\n", __func__, rc);
1482                 if (rc && rc != -ENOSPC) {
1483                         kfree(apqns);
1484                         break;
1485                 }
1486                 if (!rc && kat.apqns) {
1487                         if (nr_apqns > kat.apqn_entries) {
1488                                 kfree(apqns);
1489                                 return -EINVAL;
1490                         }
1491                         len = nr_apqns * sizeof(struct pkey_apqn);
1492                         if (len) {
1493                                 if (copy_to_user(kat.apqns, apqns, len)) {
1494                                         kfree(apqns);
1495                                         return -EFAULT;
1496                                 }
1497                         }
1498                 }
1499                 kat.apqn_entries = nr_apqns;
1500                 if (copy_to_user(uat, &kat, sizeof(kat)))
1501                         rc = -EFAULT;
1502                 kfree(apqns);
1503                 break;
1504         }
1505         case PKEY_KBLOB2PROTK3: {
1506                 struct pkey_kblob2pkey3 __user *utp = (void __user *) arg;
1507                 struct pkey_kblob2pkey3 ktp;
1508                 struct pkey_apqn *apqns = NULL;
1509                 u32 protkeylen = PROTKEYBLOBBUFSIZE;
1510                 u8 *kkey, *protkey;
1511
1512                 if (copy_from_user(&ktp, utp, sizeof(ktp)))
1513                         return -EFAULT;
1514                 apqns = _copy_apqns_from_user(ktp.apqns, ktp.apqn_entries);
1515                 if (IS_ERR(apqns))
1516                         return PTR_ERR(apqns);
1517                 kkey = _copy_key_from_user(ktp.key, ktp.keylen);
1518                 if (IS_ERR(kkey)) {
1519                         kfree(apqns);
1520                         return PTR_ERR(kkey);
1521                 }
1522                 protkey = kmalloc(protkeylen, GFP_KERNEL);
1523                 if (!protkey) {
1524                         kfree(apqns);
1525                         kfree(kkey);
1526                         return -ENOMEM;
1527                 }
1528                 rc = pkey_keyblob2pkey3(apqns, ktp.apqn_entries, kkey,
1529                                         ktp.keylen, &ktp.pkeytype,
1530                                         protkey, &protkeylen);
1531                 DEBUG_DBG("%s pkey_keyblob2pkey3()=%d\n", __func__, rc);
1532                 kfree(apqns);
1533                 kfree(kkey);
1534                 if (rc) {
1535                         kfree(protkey);
1536                         break;
1537                 }
1538                 if (ktp.pkey && ktp.pkeylen) {
1539                         if (protkeylen > ktp.pkeylen) {
1540                                 kfree(protkey);
1541                                 return -EINVAL;
1542                         }
1543                         if (copy_to_user(ktp.pkey, protkey, protkeylen)) {
1544                                 kfree(protkey);
1545                                 return -EFAULT;
1546                         }
1547                 }
1548                 kfree(protkey);
1549                 ktp.pkeylen = protkeylen;
1550                 if (copy_to_user(utp, &ktp, sizeof(ktp)))
1551                         return -EFAULT;
1552                 break;
1553         }
1554         default:
1555                 /* unknown/unsupported ioctl cmd */
1556                 return -ENOTTY;
1557         }
1558
1559         return rc;
1560 }
1561
1562 /*
1563  * Sysfs and file io operations
1564  */
1565
1566 /*
1567  * Sysfs attribute read function for all protected key binary attributes.
1568  * The implementation can not deal with partial reads, because a new random
1569  * protected key blob is generated with each read. In case of partial reads
1570  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
1571  */
1572 static ssize_t pkey_protkey_aes_attr_read(u32 keytype, bool is_xts, char *buf,
1573                                           loff_t off, size_t count)
1574 {
1575         struct protaeskeytoken protkeytoken;
1576         struct pkey_protkey protkey;
1577         int rc;
1578
1579         if (off != 0 || count < sizeof(protkeytoken))
1580                 return -EINVAL;
1581         if (is_xts)
1582                 if (count < 2 * sizeof(protkeytoken))
1583                         return -EINVAL;
1584
1585         memset(&protkeytoken, 0, sizeof(protkeytoken));
1586         protkeytoken.type = TOKTYPE_NON_CCA;
1587         protkeytoken.version = TOKVER_PROTECTED_KEY;
1588         protkeytoken.keytype = keytype;
1589
1590         rc = pkey_genprotkey(protkeytoken.keytype, &protkey);
1591         if (rc)
1592                 return rc;
1593
1594         protkeytoken.len = protkey.len;
1595         memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len);
1596
1597         memcpy(buf, &protkeytoken, sizeof(protkeytoken));
1598
1599         if (is_xts) {
1600                 rc = pkey_genprotkey(protkeytoken.keytype, &protkey);
1601                 if (rc)
1602                         return rc;
1603
1604                 protkeytoken.len = protkey.len;
1605                 memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len);
1606
1607                 memcpy(buf + sizeof(protkeytoken), &protkeytoken,
1608                        sizeof(protkeytoken));
1609
1610                 return 2 * sizeof(protkeytoken);
1611         }
1612
1613         return sizeof(protkeytoken);
1614 }
1615
1616 static ssize_t protkey_aes_128_read(struct file *filp,
1617                                     struct kobject *kobj,
1618                                     struct bin_attribute *attr,
1619                                     char *buf, loff_t off,
1620                                     size_t count)
1621 {
1622         return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf,
1623                                           off, count);
1624 }
1625
1626 static ssize_t protkey_aes_192_read(struct file *filp,
1627                                     struct kobject *kobj,
1628                                     struct bin_attribute *attr,
1629                                     char *buf, loff_t off,
1630                                     size_t count)
1631 {
1632         return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf,
1633                                           off, count);
1634 }
1635
1636 static ssize_t protkey_aes_256_read(struct file *filp,
1637                                     struct kobject *kobj,
1638                                     struct bin_attribute *attr,
1639                                     char *buf, loff_t off,
1640                                     size_t count)
1641 {
1642         return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf,
1643                                           off, count);
1644 }
1645
1646 static ssize_t protkey_aes_128_xts_read(struct file *filp,
1647                                         struct kobject *kobj,
1648                                         struct bin_attribute *attr,
1649                                         char *buf, loff_t off,
1650                                         size_t count)
1651 {
1652         return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf,
1653                                           off, count);
1654 }
1655
1656 static ssize_t protkey_aes_256_xts_read(struct file *filp,
1657                                         struct kobject *kobj,
1658                                         struct bin_attribute *attr,
1659                                         char *buf, loff_t off,
1660                                         size_t count)
1661 {
1662         return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf,
1663                                           off, count);
1664 }
1665
1666 static BIN_ATTR_RO(protkey_aes_128, sizeof(struct protaeskeytoken));
1667 static BIN_ATTR_RO(protkey_aes_192, sizeof(struct protaeskeytoken));
1668 static BIN_ATTR_RO(protkey_aes_256, sizeof(struct protaeskeytoken));
1669 static BIN_ATTR_RO(protkey_aes_128_xts, 2 * sizeof(struct protaeskeytoken));
1670 static BIN_ATTR_RO(protkey_aes_256_xts, 2 * sizeof(struct protaeskeytoken));
1671
1672 static struct bin_attribute *protkey_attrs[] = {
1673         &bin_attr_protkey_aes_128,
1674         &bin_attr_protkey_aes_192,
1675         &bin_attr_protkey_aes_256,
1676         &bin_attr_protkey_aes_128_xts,
1677         &bin_attr_protkey_aes_256_xts,
1678         NULL
1679 };
1680
1681 static struct attribute_group protkey_attr_group = {
1682         .name      = "protkey",
1683         .bin_attrs = protkey_attrs,
1684 };
1685
1686 /*
1687  * Sysfs attribute read function for all secure key ccadata binary attributes.
1688  * The implementation can not deal with partial reads, because a new random
1689  * protected key blob is generated with each read. In case of partial reads
1690  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
1691  */
1692 static ssize_t pkey_ccadata_aes_attr_read(u32 keytype, bool is_xts, char *buf,
1693                                           loff_t off, size_t count)
1694 {
1695         int rc;
1696         struct pkey_seckey *seckey = (struct pkey_seckey *) buf;
1697
1698         if (off != 0 || count < sizeof(struct secaeskeytoken))
1699                 return -EINVAL;
1700         if (is_xts)
1701                 if (count < 2 * sizeof(struct secaeskeytoken))
1702                         return -EINVAL;
1703
1704         rc = cca_genseckey(-1, -1, keytype, seckey->seckey);
1705         if (rc)
1706                 return rc;
1707
1708         if (is_xts) {
1709                 seckey++;
1710                 rc = cca_genseckey(-1, -1, keytype, seckey->seckey);
1711                 if (rc)
1712                         return rc;
1713
1714                 return 2 * sizeof(struct secaeskeytoken);
1715         }
1716
1717         return sizeof(struct secaeskeytoken);
1718 }
1719
1720 static ssize_t ccadata_aes_128_read(struct file *filp,
1721                                     struct kobject *kobj,
1722                                     struct bin_attribute *attr,
1723                                     char *buf, loff_t off,
1724                                     size_t count)
1725 {
1726         return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf,
1727                                           off, count);
1728 }
1729
1730 static ssize_t ccadata_aes_192_read(struct file *filp,
1731                                     struct kobject *kobj,
1732                                     struct bin_attribute *attr,
1733                                     char *buf, loff_t off,
1734                                     size_t count)
1735 {
1736         return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf,
1737                                           off, count);
1738 }
1739
1740 static ssize_t ccadata_aes_256_read(struct file *filp,
1741                                     struct kobject *kobj,
1742                                     struct bin_attribute *attr,
1743                                     char *buf, loff_t off,
1744                                     size_t count)
1745 {
1746         return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf,
1747                                           off, count);
1748 }
1749
1750 static ssize_t ccadata_aes_128_xts_read(struct file *filp,
1751                                         struct kobject *kobj,
1752                                         struct bin_attribute *attr,
1753                                         char *buf, loff_t off,
1754                                         size_t count)
1755 {
1756         return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf,
1757                                           off, count);
1758 }
1759
1760 static ssize_t ccadata_aes_256_xts_read(struct file *filp,
1761                                         struct kobject *kobj,
1762                                         struct bin_attribute *attr,
1763                                         char *buf, loff_t off,
1764                                         size_t count)
1765 {
1766         return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf,
1767                                           off, count);
1768 }
1769
1770 static BIN_ATTR_RO(ccadata_aes_128, sizeof(struct secaeskeytoken));
1771 static BIN_ATTR_RO(ccadata_aes_192, sizeof(struct secaeskeytoken));
1772 static BIN_ATTR_RO(ccadata_aes_256, sizeof(struct secaeskeytoken));
1773 static BIN_ATTR_RO(ccadata_aes_128_xts, 2 * sizeof(struct secaeskeytoken));
1774 static BIN_ATTR_RO(ccadata_aes_256_xts, 2 * sizeof(struct secaeskeytoken));
1775
1776 static struct bin_attribute *ccadata_attrs[] = {
1777         &bin_attr_ccadata_aes_128,
1778         &bin_attr_ccadata_aes_192,
1779         &bin_attr_ccadata_aes_256,
1780         &bin_attr_ccadata_aes_128_xts,
1781         &bin_attr_ccadata_aes_256_xts,
1782         NULL
1783 };
1784
1785 static struct attribute_group ccadata_attr_group = {
1786         .name      = "ccadata",
1787         .bin_attrs = ccadata_attrs,
1788 };
1789
1790 #define CCACIPHERTOKENSIZE      (sizeof(struct cipherkeytoken) + 80)
1791
1792 /*
1793  * Sysfs attribute read function for all secure key ccacipher binary attributes.
1794  * The implementation can not deal with partial reads, because a new random
1795  * secure key blob is generated with each read. In case of partial reads
1796  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
1797  */
1798 static ssize_t pkey_ccacipher_aes_attr_read(enum pkey_key_size keybits,
1799                                             bool is_xts, char *buf, loff_t off,
1800                                             size_t count)
1801 {
1802         int i, rc, card, dom;
1803         u32 nr_apqns, *apqns = NULL;
1804         size_t keysize = CCACIPHERTOKENSIZE;
1805
1806         if (off != 0 || count < CCACIPHERTOKENSIZE)
1807                 return -EINVAL;
1808         if (is_xts)
1809                 if (count < 2 * CCACIPHERTOKENSIZE)
1810                         return -EINVAL;
1811
1812         /* build a list of apqns able to generate an cipher key */
1813         rc = cca_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
1814                            ZCRYPT_CEX6, 0, 0, 0, 0);
1815         if (rc)
1816                 return rc;
1817
1818         memset(buf, 0, is_xts ? 2 * keysize : keysize);
1819
1820         /* simple try all apqns from the list */
1821         for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
1822                 card = apqns[i] >> 16;
1823                 dom = apqns[i] & 0xFFFF;
1824                 rc = cca_gencipherkey(card, dom, keybits, 0, buf, &keysize);
1825                 if (rc == 0)
1826                         break;
1827         }
1828         if (rc)
1829                 return rc;
1830
1831         if (is_xts) {
1832                 keysize = CCACIPHERTOKENSIZE;
1833                 buf += CCACIPHERTOKENSIZE;
1834                 rc = cca_gencipherkey(card, dom, keybits, 0, buf, &keysize);
1835                 if (rc == 0)
1836                         return 2 * CCACIPHERTOKENSIZE;
1837         }
1838
1839         return CCACIPHERTOKENSIZE;
1840 }
1841
1842 static ssize_t ccacipher_aes_128_read(struct file *filp,
1843                                       struct kobject *kobj,
1844                                       struct bin_attribute *attr,
1845                                       char *buf, loff_t off,
1846                                       size_t count)
1847 {
1848         return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, false, buf,
1849                                             off, count);
1850 }
1851
1852 static ssize_t ccacipher_aes_192_read(struct file *filp,
1853                                       struct kobject *kobj,
1854                                       struct bin_attribute *attr,
1855                                       char *buf, loff_t off,
1856                                       size_t count)
1857 {
1858         return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_192, false, buf,
1859                                             off, count);
1860 }
1861
1862 static ssize_t ccacipher_aes_256_read(struct file *filp,
1863                                       struct kobject *kobj,
1864                                       struct bin_attribute *attr,
1865                                       char *buf, loff_t off,
1866                                       size_t count)
1867 {
1868         return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, false, buf,
1869                                             off, count);
1870 }
1871
1872 static ssize_t ccacipher_aes_128_xts_read(struct file *filp,
1873                                           struct kobject *kobj,
1874                                           struct bin_attribute *attr,
1875                                           char *buf, loff_t off,
1876                                           size_t count)
1877 {
1878         return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, true, buf,
1879                                             off, count);
1880 }
1881
1882 static ssize_t ccacipher_aes_256_xts_read(struct file *filp,
1883                                           struct kobject *kobj,
1884                                           struct bin_attribute *attr,
1885                                           char *buf, loff_t off,
1886                                           size_t count)
1887 {
1888         return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, true, buf,
1889                                             off, count);
1890 }
1891
1892 static BIN_ATTR_RO(ccacipher_aes_128, CCACIPHERTOKENSIZE);
1893 static BIN_ATTR_RO(ccacipher_aes_192, CCACIPHERTOKENSIZE);
1894 static BIN_ATTR_RO(ccacipher_aes_256, CCACIPHERTOKENSIZE);
1895 static BIN_ATTR_RO(ccacipher_aes_128_xts, 2 * CCACIPHERTOKENSIZE);
1896 static BIN_ATTR_RO(ccacipher_aes_256_xts, 2 * CCACIPHERTOKENSIZE);
1897
1898 static struct bin_attribute *ccacipher_attrs[] = {
1899         &bin_attr_ccacipher_aes_128,
1900         &bin_attr_ccacipher_aes_192,
1901         &bin_attr_ccacipher_aes_256,
1902         &bin_attr_ccacipher_aes_128_xts,
1903         &bin_attr_ccacipher_aes_256_xts,
1904         NULL
1905 };
1906
1907 static struct attribute_group ccacipher_attr_group = {
1908         .name      = "ccacipher",
1909         .bin_attrs = ccacipher_attrs,
1910 };
1911
1912 /*
1913  * Sysfs attribute read function for all ep11 aes key binary attributes.
1914  * The implementation can not deal with partial reads, because a new random
1915  * secure key blob is generated with each read. In case of partial reads
1916  * (i.e. off != 0 or count < key blob size) -EINVAL is returned.
1917  * This function and the sysfs attributes using it provide EP11 key blobs
1918  * padded to the upper limit of MAXEP11AESKEYBLOBSIZE which is currently
1919  * 320 bytes.
1920  */
1921 static ssize_t pkey_ep11_aes_attr_read(enum pkey_key_size keybits,
1922                                        bool is_xts, char *buf, loff_t off,
1923                                        size_t count)
1924 {
1925         int i, rc, card, dom;
1926         u32 nr_apqns, *apqns = NULL;
1927         size_t keysize = MAXEP11AESKEYBLOBSIZE;
1928
1929         if (off != 0 || count < MAXEP11AESKEYBLOBSIZE)
1930                 return -EINVAL;
1931         if (is_xts)
1932                 if (count < 2 * MAXEP11AESKEYBLOBSIZE)
1933                         return -EINVAL;
1934
1935         /* build a list of apqns able to generate an cipher key */
1936         rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF,
1937                             ZCRYPT_CEX7, EP11_API_V, NULL);
1938         if (rc)
1939                 return rc;
1940
1941         memset(buf, 0, is_xts ? 2 * keysize : keysize);
1942
1943         /* simple try all apqns from the list */
1944         for (i = 0, rc = -ENODEV; i < nr_apqns; i++) {
1945                 card = apqns[i] >> 16;
1946                 dom = apqns[i] & 0xFFFF;
1947                 rc = ep11_genaeskey(card, dom, keybits, 0, buf, &keysize);
1948                 if (rc == 0)
1949                         break;
1950         }
1951         if (rc)
1952                 return rc;
1953
1954         if (is_xts) {
1955                 keysize = MAXEP11AESKEYBLOBSIZE;
1956                 buf += MAXEP11AESKEYBLOBSIZE;
1957                 rc = ep11_genaeskey(card, dom, keybits, 0, buf, &keysize);
1958                 if (rc == 0)
1959                         return 2 * MAXEP11AESKEYBLOBSIZE;
1960         }
1961
1962         return MAXEP11AESKEYBLOBSIZE;
1963 }
1964
1965 static ssize_t ep11_aes_128_read(struct file *filp,
1966                                  struct kobject *kobj,
1967                                  struct bin_attribute *attr,
1968                                  char *buf, loff_t off,
1969                                  size_t count)
1970 {
1971         return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, false, buf,
1972                                        off, count);
1973 }
1974
1975 static ssize_t ep11_aes_192_read(struct file *filp,
1976                                  struct kobject *kobj,
1977                                  struct bin_attribute *attr,
1978                                  char *buf, loff_t off,
1979                                  size_t count)
1980 {
1981         return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_192, false, buf,
1982                                        off, count);
1983 }
1984
1985 static ssize_t ep11_aes_256_read(struct file *filp,
1986                                  struct kobject *kobj,
1987                                  struct bin_attribute *attr,
1988                                  char *buf, loff_t off,
1989                                  size_t count)
1990 {
1991         return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, false, buf,
1992                                        off, count);
1993 }
1994
1995 static ssize_t ep11_aes_128_xts_read(struct file *filp,
1996                                      struct kobject *kobj,
1997                                      struct bin_attribute *attr,
1998                                      char *buf, loff_t off,
1999                                      size_t count)
2000 {
2001         return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, true, buf,
2002                                        off, count);
2003 }
2004
2005 static ssize_t ep11_aes_256_xts_read(struct file *filp,
2006                                      struct kobject *kobj,
2007                                      struct bin_attribute *attr,
2008                                      char *buf, loff_t off,
2009                                      size_t count)
2010 {
2011         return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, true, buf,
2012                                        off, count);
2013 }
2014
2015 static BIN_ATTR_RO(ep11_aes_128, MAXEP11AESKEYBLOBSIZE);
2016 static BIN_ATTR_RO(ep11_aes_192, MAXEP11AESKEYBLOBSIZE);
2017 static BIN_ATTR_RO(ep11_aes_256, MAXEP11AESKEYBLOBSIZE);
2018 static BIN_ATTR_RO(ep11_aes_128_xts, 2 * MAXEP11AESKEYBLOBSIZE);
2019 static BIN_ATTR_RO(ep11_aes_256_xts, 2 * MAXEP11AESKEYBLOBSIZE);
2020
2021 static struct bin_attribute *ep11_attrs[] = {
2022         &bin_attr_ep11_aes_128,
2023         &bin_attr_ep11_aes_192,
2024         &bin_attr_ep11_aes_256,
2025         &bin_attr_ep11_aes_128_xts,
2026         &bin_attr_ep11_aes_256_xts,
2027         NULL
2028 };
2029
2030 static struct attribute_group ep11_attr_group = {
2031         .name      = "ep11",
2032         .bin_attrs = ep11_attrs,
2033 };
2034
2035 static const struct attribute_group *pkey_attr_groups[] = {
2036         &protkey_attr_group,
2037         &ccadata_attr_group,
2038         &ccacipher_attr_group,
2039         &ep11_attr_group,
2040         NULL,
2041 };
2042
2043 static const struct file_operations pkey_fops = {
2044         .owner          = THIS_MODULE,
2045         .open           = nonseekable_open,
2046         .llseek         = no_llseek,
2047         .unlocked_ioctl = pkey_unlocked_ioctl,
2048 };
2049
2050 static struct miscdevice pkey_dev = {
2051         .name   = "pkey",
2052         .minor  = MISC_DYNAMIC_MINOR,
2053         .mode   = 0666,
2054         .fops   = &pkey_fops,
2055         .groups = pkey_attr_groups,
2056 };
2057
2058 /*
2059  * Module init
2060  */
2061 static int __init pkey_init(void)
2062 {
2063         cpacf_mask_t func_mask;
2064
2065         /*
2066          * The pckmo instruction should be available - even if we don't
2067          * actually invoke it. This instruction comes with MSA 3 which
2068          * is also the minimum level for the kmc instructions which
2069          * are able to work with protected keys.
2070          */
2071         if (!cpacf_query(CPACF_PCKMO, &func_mask))
2072                 return -ENODEV;
2073
2074         /* check for kmc instructions available */
2075         if (!cpacf_query(CPACF_KMC, &func_mask))
2076                 return -ENODEV;
2077         if (!cpacf_test_func(&func_mask, CPACF_KMC_PAES_128) ||
2078             !cpacf_test_func(&func_mask, CPACF_KMC_PAES_192) ||
2079             !cpacf_test_func(&func_mask, CPACF_KMC_PAES_256))
2080                 return -ENODEV;
2081
2082         pkey_debug_init();
2083
2084         return misc_register(&pkey_dev);
2085 }
2086
2087 /*
2088  * Module exit
2089  */
2090 static void __exit pkey_exit(void)
2091 {
2092         misc_deregister(&pkey_dev);
2093         pkey_debug_exit();
2094 }
2095
2096 module_cpu_feature_match(MSA, pkey_init);
2097 module_exit(pkey_exit);