zcrypt_api.c 51 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759176017611762176317641765176617671768176917701771177217731774177517761777177817791780178117821783178417851786178717881789179017911792179317941795179617971798179918001801180218031804180518061807180818091810181118121813181418151816181718181819182018211822182318241825182618271828182918301831183218331834183518361837183818391840184118421843184418451846184718481849185018511852185318541855185618571858185918601861186218631864186518661867186818691870187118721873187418751876187718781879188018811882188318841885188618871888188918901891189218931894189518961897189818991900190119021903190419051906190719081909191019111912191319141915191619171918191919201921192219231924192519261927192819291930193119321933193419351936193719381939194019411942194319441945194619471948194919501951195219531954195519561957195819591960196119621963196419651966196719681969197019711972197319741975197619771978197919801981198219831984198519861987198819891990199119921993199419951996199719981999200020012002200320042005200620072008200920102011201220132014201520162017201820192020202120222023202420252026202720282029
  1. // SPDX-License-Identifier: GPL-2.0+
  2. /*
  3. * Copyright IBM Corp. 2001, 2018
  4. * Author(s): Robert Burroughs
  5. * Eric Rossman (edrossma@us.ibm.com)
  6. * Cornelia Huck <cornelia.huck@de.ibm.com>
  7. *
  8. * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com)
  9. * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com>
  10. * Ralph Wuerthner <rwuerthn@de.ibm.com>
  11. * MSGTYPE restruct: Holger Dengler <hd@linux.vnet.ibm.com>
  12. * Multiple device nodes: Harald Freudenberger <freude@linux.ibm.com>
  13. */
  14. #define pr_fmt(fmt) "zcrypt: " fmt
  15. #include <linux/export.h>
  16. #include <linux/module.h>
  17. #include <linux/init.h>
  18. #include <linux/interrupt.h>
  19. #include <linux/miscdevice.h>
  20. #include <linux/fs.h>
  21. #include <linux/slab.h>
  22. #include <linux/atomic.h>
  23. #include <linux/uaccess.h>
  24. #include <linux/hw_random.h>
  25. #include <linux/debugfs.h>
  26. #include <linux/cdev.h>
  27. #include <linux/ctype.h>
  28. #include <linux/capability.h>
  29. #include <asm/debug.h>
  30. #define CREATE_TRACE_POINTS
  31. #include <asm/trace/zcrypt.h>
  32. #include "zcrypt_api.h"
  33. #include "zcrypt_debug.h"
  34. #include "zcrypt_msgtype6.h"
  35. #include "zcrypt_msgtype50.h"
  36. #include "zcrypt_ccamisc.h"
  37. #include "zcrypt_ep11misc.h"
  38. /*
  39. * Module description.
  40. */
  41. MODULE_AUTHOR("IBM Corporation");
  42. MODULE_DESCRIPTION("Cryptographic Coprocessor interface, " \
  43. "Copyright IBM Corp. 2001, 2012");
  44. MODULE_LICENSE("GPL");
  45. unsigned int zcrypt_mempool_threshold = 5;
  46. module_param_named(mempool_threshold, zcrypt_mempool_threshold, uint, 0400);
  47. MODULE_PARM_DESC(mempool_threshold, "CCA and EP11 request/reply mempool minimal items (min: 1)");
  48. /*
  49. * zcrypt tracepoint functions
  50. */
  51. EXPORT_TRACEPOINT_SYMBOL(s390_zcrypt_req);
  52. EXPORT_TRACEPOINT_SYMBOL(s390_zcrypt_rep);
  53. DEFINE_SPINLOCK(zcrypt_list_lock);
  54. LIST_HEAD(zcrypt_card_list);
  55. static atomic_t zcrypt_open_count = ATOMIC_INIT(0);
  56. static LIST_HEAD(zcrypt_ops_list);
  57. /* Zcrypt related debug feature stuff. */
  58. debug_info_t *zcrypt_dbf_info;
  59. /*
  60. * Process a rescan of the transport layer.
  61. * Runs a synchronous AP bus rescan.
  62. * Returns true if something has changed (for example the
  63. * bus scan has found and build up new devices) and it is
  64. * worth to do a retry. Otherwise false is returned meaning
  65. * no changes on the AP bus level.
  66. */
  67. static inline bool zcrypt_process_rescan(void)
  68. {
  69. return ap_bus_force_rescan();
  70. }
  71. void zcrypt_msgtype_register(struct zcrypt_ops *zops)
  72. {
  73. list_add_tail(&zops->list, &zcrypt_ops_list);
  74. }
  75. void zcrypt_msgtype_unregister(struct zcrypt_ops *zops)
  76. {
  77. list_del_init(&zops->list);
  78. }
  79. struct zcrypt_ops *zcrypt_msgtype(unsigned char *name, int variant)
  80. {
  81. struct zcrypt_ops *zops;
  82. list_for_each_entry(zops, &zcrypt_ops_list, list)
  83. if (zops->variant == variant &&
  84. (!strncmp(zops->name, name, sizeof(zops->name))))
  85. return zops;
  86. return NULL;
  87. }
  88. EXPORT_SYMBOL(zcrypt_msgtype);
  89. /*
  90. * Multi device nodes extension functions.
  91. */
  92. struct zcdn_device;
  93. static void zcdn_device_release(struct device *dev);
  94. static const struct class zcrypt_class = {
  95. .name = ZCRYPT_NAME,
  96. .dev_release = zcdn_device_release,
  97. };
  98. static dev_t zcrypt_devt;
  99. static struct cdev zcrypt_cdev;
  100. struct zcdn_device {
  101. struct device device;
  102. struct ap_perms perms;
  103. };
  104. #define to_zcdn_dev(x) container_of((x), struct zcdn_device, device)
  105. #define ZCDN_MAX_NAME 32
  106. static int zcdn_create(const char *name);
  107. static int zcdn_destroy(const char *name);
  108. /*
  109. * Find zcdn device by name.
  110. * Returns reference to the zcdn device which needs to be released
  111. * with put_device() after use.
  112. */
  113. static inline struct zcdn_device *find_zcdndev_by_name(const char *name)
  114. {
  115. struct device *dev = class_find_device_by_name(&zcrypt_class, name);
  116. return dev ? to_zcdn_dev(dev) : NULL;
  117. }
  118. /*
  119. * Find zcdn device by devt value.
  120. * Returns reference to the zcdn device which needs to be released
  121. * with put_device() after use.
  122. */
  123. static inline struct zcdn_device *find_zcdndev_by_devt(dev_t devt)
  124. {
  125. struct device *dev = class_find_device_by_devt(&zcrypt_class, devt);
  126. return dev ? to_zcdn_dev(dev) : NULL;
  127. }
  128. static ssize_t ioctlmask_show(struct device *dev,
  129. struct device_attribute *attr,
  130. char *buf)
  131. {
  132. struct zcdn_device *zcdndev = to_zcdn_dev(dev);
  133. int i, n;
  134. if (mutex_lock_interruptible(&ap_attr_mutex))
  135. return -ERESTARTSYS;
  136. n = sysfs_emit(buf, "0x");
  137. for (i = 0; i < sizeof(zcdndev->perms.ioctlm) / sizeof(long); i++)
  138. n += sysfs_emit_at(buf, n, "%016lx", zcdndev->perms.ioctlm[i]);
  139. n += sysfs_emit_at(buf, n, "\n");
  140. mutex_unlock(&ap_attr_mutex);
  141. return n;
  142. }
  143. static ssize_t ioctlmask_store(struct device *dev,
  144. struct device_attribute *attr,
  145. const char *buf, size_t count)
  146. {
  147. int rc;
  148. struct zcdn_device *zcdndev = to_zcdn_dev(dev);
  149. rc = ap_parse_mask_str(buf, zcdndev->perms.ioctlm,
  150. AP_IOCTLS, &ap_attr_mutex);
  151. if (rc)
  152. return rc;
  153. return count;
  154. }
  155. static DEVICE_ATTR_RW(ioctlmask);
  156. static ssize_t apmask_show(struct device *dev,
  157. struct device_attribute *attr,
  158. char *buf)
  159. {
  160. struct zcdn_device *zcdndev = to_zcdn_dev(dev);
  161. int i, n;
  162. if (mutex_lock_interruptible(&ap_attr_mutex))
  163. return -ERESTARTSYS;
  164. n = sysfs_emit(buf, "0x");
  165. for (i = 0; i < sizeof(zcdndev->perms.apm) / sizeof(long); i++)
  166. n += sysfs_emit_at(buf, n, "%016lx", zcdndev->perms.apm[i]);
  167. n += sysfs_emit_at(buf, n, "\n");
  168. mutex_unlock(&ap_attr_mutex);
  169. return n;
  170. }
  171. static ssize_t apmask_store(struct device *dev,
  172. struct device_attribute *attr,
  173. const char *buf, size_t count)
  174. {
  175. int rc;
  176. struct zcdn_device *zcdndev = to_zcdn_dev(dev);
  177. rc = ap_parse_mask_str(buf, zcdndev->perms.apm,
  178. AP_DEVICES, &ap_attr_mutex);
  179. if (rc)
  180. return rc;
  181. return count;
  182. }
  183. static DEVICE_ATTR_RW(apmask);
  184. static ssize_t aqmask_show(struct device *dev,
  185. struct device_attribute *attr,
  186. char *buf)
  187. {
  188. struct zcdn_device *zcdndev = to_zcdn_dev(dev);
  189. int i, n;
  190. if (mutex_lock_interruptible(&ap_attr_mutex))
  191. return -ERESTARTSYS;
  192. n = sysfs_emit(buf, "0x");
  193. for (i = 0; i < sizeof(zcdndev->perms.aqm) / sizeof(long); i++)
  194. n += sysfs_emit_at(buf, n, "%016lx", zcdndev->perms.aqm[i]);
  195. n += sysfs_emit_at(buf, n, "\n");
  196. mutex_unlock(&ap_attr_mutex);
  197. return n;
  198. }
  199. static ssize_t aqmask_store(struct device *dev,
  200. struct device_attribute *attr,
  201. const char *buf, size_t count)
  202. {
  203. int rc;
  204. struct zcdn_device *zcdndev = to_zcdn_dev(dev);
  205. rc = ap_parse_mask_str(buf, zcdndev->perms.aqm,
  206. AP_DOMAINS, &ap_attr_mutex);
  207. if (rc)
  208. return rc;
  209. return count;
  210. }
  211. static DEVICE_ATTR_RW(aqmask);
  212. static ssize_t admask_show(struct device *dev,
  213. struct device_attribute *attr,
  214. char *buf)
  215. {
  216. struct zcdn_device *zcdndev = to_zcdn_dev(dev);
  217. int i, n;
  218. if (mutex_lock_interruptible(&ap_attr_mutex))
  219. return -ERESTARTSYS;
  220. n = sysfs_emit(buf, "0x");
  221. for (i = 0; i < sizeof(zcdndev->perms.adm) / sizeof(long); i++)
  222. n += sysfs_emit_at(buf, n, "%016lx", zcdndev->perms.adm[i]);
  223. n += sysfs_emit_at(buf, n, "\n");
  224. mutex_unlock(&ap_attr_mutex);
  225. return n;
  226. }
  227. static ssize_t admask_store(struct device *dev,
  228. struct device_attribute *attr,
  229. const char *buf, size_t count)
  230. {
  231. int rc;
  232. struct zcdn_device *zcdndev = to_zcdn_dev(dev);
  233. rc = ap_parse_mask_str(buf, zcdndev->perms.adm,
  234. AP_DOMAINS, &ap_attr_mutex);
  235. if (rc)
  236. return rc;
  237. return count;
  238. }
  239. static DEVICE_ATTR_RW(admask);
  240. static struct attribute *zcdn_dev_attrs[] = {
  241. &dev_attr_ioctlmask.attr,
  242. &dev_attr_apmask.attr,
  243. &dev_attr_aqmask.attr,
  244. &dev_attr_admask.attr,
  245. NULL
  246. };
  247. static struct attribute_group zcdn_dev_attr_group = {
  248. .attrs = zcdn_dev_attrs
  249. };
  250. static const struct attribute_group *zcdn_dev_attr_groups[] = {
  251. &zcdn_dev_attr_group,
  252. NULL
  253. };
  254. static ssize_t zcdn_create_store(const struct class *class,
  255. const struct class_attribute *attr,
  256. const char *buf, size_t count)
  257. {
  258. int rc;
  259. char name[ZCDN_MAX_NAME];
  260. strscpy(name, skip_spaces(buf), sizeof(name));
  261. rc = zcdn_create(strim(name));
  262. return rc ? rc : count;
  263. }
  264. static const struct class_attribute class_attr_zcdn_create =
  265. __ATTR(create, 0600, NULL, zcdn_create_store);
  266. static ssize_t zcdn_destroy_store(const struct class *class,
  267. const struct class_attribute *attr,
  268. const char *buf, size_t count)
  269. {
  270. int rc;
  271. char name[ZCDN_MAX_NAME];
  272. strscpy(name, skip_spaces(buf), sizeof(name));
  273. rc = zcdn_destroy(strim(name));
  274. return rc ? rc : count;
  275. }
  276. static const struct class_attribute class_attr_zcdn_destroy =
  277. __ATTR(destroy, 0600, NULL, zcdn_destroy_store);
  278. static void zcdn_device_release(struct device *dev)
  279. {
  280. struct zcdn_device *zcdndev = to_zcdn_dev(dev);
  281. ZCRYPT_DBF_INFO("%s releasing zcdn device %d:%d\n",
  282. __func__, MAJOR(dev->devt), MINOR(dev->devt));
  283. kfree(zcdndev);
  284. }
  285. static int zcdn_create(const char *name)
  286. {
  287. dev_t devt;
  288. int i, rc = 0;
  289. struct zcdn_device *zcdndev;
  290. if (mutex_lock_interruptible(&ap_attr_mutex))
  291. return -ERESTARTSYS;
  292. /* check if device node with this name already exists */
  293. if (name[0]) {
  294. zcdndev = find_zcdndev_by_name(name);
  295. if (zcdndev) {
  296. put_device(&zcdndev->device);
  297. rc = -EEXIST;
  298. goto unlockout;
  299. }
  300. }
  301. /* find an unused minor number */
  302. for (i = 0; i < ZCRYPT_MAX_MINOR_NODES; i++) {
  303. devt = MKDEV(MAJOR(zcrypt_devt), MINOR(zcrypt_devt) + i);
  304. zcdndev = find_zcdndev_by_devt(devt);
  305. if (zcdndev)
  306. put_device(&zcdndev->device);
  307. else
  308. break;
  309. }
  310. if (i == ZCRYPT_MAX_MINOR_NODES) {
  311. rc = -ENOSPC;
  312. goto unlockout;
  313. }
  314. /* alloc and prepare a new zcdn device */
  315. zcdndev = kzalloc_obj(*zcdndev);
  316. if (!zcdndev) {
  317. rc = -ENOMEM;
  318. goto unlockout;
  319. }
  320. zcdndev->device.release = zcdn_device_release;
  321. zcdndev->device.class = &zcrypt_class;
  322. zcdndev->device.devt = devt;
  323. zcdndev->device.groups = zcdn_dev_attr_groups;
  324. if (name[0])
  325. rc = dev_set_name(&zcdndev->device, "%s", name);
  326. else
  327. rc = dev_set_name(&zcdndev->device, ZCRYPT_NAME "_%d", (int)MINOR(devt));
  328. if (rc) {
  329. kfree(zcdndev);
  330. goto unlockout;
  331. }
  332. rc = device_register(&zcdndev->device);
  333. if (rc) {
  334. put_device(&zcdndev->device);
  335. goto unlockout;
  336. }
  337. ZCRYPT_DBF_INFO("%s created zcdn device %d:%d\n",
  338. __func__, MAJOR(devt), MINOR(devt));
  339. unlockout:
  340. mutex_unlock(&ap_attr_mutex);
  341. return rc;
  342. }
  343. static int zcdn_destroy(const char *name)
  344. {
  345. int rc = 0;
  346. struct zcdn_device *zcdndev;
  347. if (mutex_lock_interruptible(&ap_attr_mutex))
  348. return -ERESTARTSYS;
  349. /* try to find this zcdn device */
  350. zcdndev = find_zcdndev_by_name(name);
  351. if (!zcdndev) {
  352. rc = -ENOENT;
  353. goto unlockout;
  354. }
  355. /*
  356. * The zcdn device is not hard destroyed. It is subject to
  357. * reference counting and thus just needs to be unregistered.
  358. */
  359. put_device(&zcdndev->device);
  360. device_unregister(&zcdndev->device);
  361. unlockout:
  362. mutex_unlock(&ap_attr_mutex);
  363. return rc;
  364. }
  365. static void zcdn_destroy_all(void)
  366. {
  367. int i;
  368. dev_t devt;
  369. struct zcdn_device *zcdndev;
  370. mutex_lock(&ap_attr_mutex);
  371. for (i = 0; i < ZCRYPT_MAX_MINOR_NODES; i++) {
  372. devt = MKDEV(MAJOR(zcrypt_devt), MINOR(zcrypt_devt) + i);
  373. zcdndev = find_zcdndev_by_devt(devt);
  374. if (zcdndev) {
  375. put_device(&zcdndev->device);
  376. device_unregister(&zcdndev->device);
  377. }
  378. }
  379. mutex_unlock(&ap_attr_mutex);
  380. }
  381. /*
  382. * zcrypt_read (): Not supported beyond zcrypt 1.3.1.
  383. *
  384. * This function is not supported beyond zcrypt 1.3.1.
  385. */
  386. static ssize_t zcrypt_read(struct file *filp, char __user *buf,
  387. size_t count, loff_t *f_pos)
  388. {
  389. return -EPERM;
  390. }
  391. /*
  392. * zcrypt_write(): Not allowed.
  393. *
  394. * Write is not allowed
  395. */
  396. static ssize_t zcrypt_write(struct file *filp, const char __user *buf,
  397. size_t count, loff_t *f_pos)
  398. {
  399. return -EPERM;
  400. }
  401. /*
  402. * zcrypt_open(): Count number of users.
  403. *
  404. * Device open function to count number of users.
  405. */
  406. static int zcrypt_open(struct inode *inode, struct file *filp)
  407. {
  408. struct ap_perms *perms = &ap_perms;
  409. if (filp->f_inode->i_cdev == &zcrypt_cdev) {
  410. struct zcdn_device *zcdndev;
  411. if (mutex_lock_interruptible(&ap_attr_mutex))
  412. return -ERESTARTSYS;
  413. zcdndev = find_zcdndev_by_devt(filp->f_inode->i_rdev);
  414. /* find returns a reference, no get_device() needed */
  415. mutex_unlock(&ap_attr_mutex);
  416. if (zcdndev)
  417. perms = &zcdndev->perms;
  418. }
  419. filp->private_data = (void *)perms;
  420. atomic_inc(&zcrypt_open_count);
  421. return stream_open(inode, filp);
  422. }
  423. /*
  424. * zcrypt_release(): Count number of users.
  425. *
  426. * Device close function to count number of users.
  427. */
  428. static int zcrypt_release(struct inode *inode, struct file *filp)
  429. {
  430. if (filp->f_inode->i_cdev == &zcrypt_cdev) {
  431. struct zcdn_device *zcdndev;
  432. mutex_lock(&ap_attr_mutex);
  433. zcdndev = find_zcdndev_by_devt(filp->f_inode->i_rdev);
  434. mutex_unlock(&ap_attr_mutex);
  435. if (zcdndev) {
  436. /* 2 puts here: one for find, one for open */
  437. put_device(&zcdndev->device);
  438. put_device(&zcdndev->device);
  439. }
  440. }
  441. atomic_dec(&zcrypt_open_count);
  442. return 0;
  443. }
  444. static inline int zcrypt_check_ioctl(struct ap_perms *perms,
  445. unsigned int cmd)
  446. {
  447. int rc = -EPERM;
  448. int ioctlnr = (cmd & _IOC_NRMASK) >> _IOC_NRSHIFT;
  449. if (ioctlnr > 0 && ioctlnr < AP_IOCTLS) {
  450. if (test_bit_inv(ioctlnr, perms->ioctlm))
  451. rc = 0;
  452. }
  453. if (rc)
  454. ZCRYPT_DBF_WARN("%s ioctl check failed: ioctlnr=0x%04x rc=%d\n",
  455. __func__, ioctlnr, rc);
  456. return rc;
  457. }
  458. static inline bool zcrypt_check_card(struct ap_perms *perms, int card)
  459. {
  460. return test_bit_inv(card, perms->apm) ? true : false;
  461. }
  462. static inline bool zcrypt_check_queue(struct ap_perms *perms, int queue)
  463. {
  464. return test_bit_inv(queue, perms->aqm) ? true : false;
  465. }
  466. static inline struct zcrypt_queue *zcrypt_pick_queue(struct zcrypt_card *zc,
  467. struct zcrypt_queue *zq,
  468. struct module **pmod,
  469. unsigned int weight)
  470. {
  471. if (!zq || !try_module_get(zq->queue->ap_dev.device.driver->owner))
  472. return NULL;
  473. zcrypt_card_get(zc);
  474. zcrypt_queue_get(zq);
  475. get_device(&zq->queue->ap_dev.device);
  476. atomic_add(weight, &zc->load);
  477. atomic_add(weight, &zq->load);
  478. zq->request_count++;
  479. *pmod = zq->queue->ap_dev.device.driver->owner;
  480. return zq;
  481. }
  482. static inline void zcrypt_drop_queue(struct zcrypt_card *zc,
  483. struct zcrypt_queue *zq,
  484. struct module *mod,
  485. unsigned int weight)
  486. {
  487. zq->request_count--;
  488. atomic_sub(weight, &zc->load);
  489. atomic_sub(weight, &zq->load);
  490. put_device(&zq->queue->ap_dev.device);
  491. zcrypt_queue_put(zq);
  492. zcrypt_card_put(zc);
  493. module_put(mod);
  494. }
  495. static inline bool zcrypt_card_compare(struct zcrypt_card *zc,
  496. struct zcrypt_card *pref_zc,
  497. unsigned int weight,
  498. unsigned int pref_weight)
  499. {
  500. if (!pref_zc)
  501. return true;
  502. weight += atomic_read(&zc->load);
  503. pref_weight += atomic_read(&pref_zc->load);
  504. if (weight == pref_weight)
  505. return atomic64_read(&zc->card->total_request_count) <
  506. atomic64_read(&pref_zc->card->total_request_count);
  507. return weight < pref_weight;
  508. }
  509. static inline bool zcrypt_queue_compare(struct zcrypt_queue *zq,
  510. struct zcrypt_queue *pref_zq,
  511. unsigned int weight,
  512. unsigned int pref_weight)
  513. {
  514. if (!pref_zq)
  515. return true;
  516. weight += atomic_read(&zq->load);
  517. pref_weight += atomic_read(&pref_zq->load);
  518. if (weight == pref_weight)
  519. return zq->queue->total_request_count <
  520. pref_zq->queue->total_request_count;
  521. return weight < pref_weight;
  522. }
  523. /*
  524. * zcrypt ioctls.
  525. */
  526. static long zcrypt_rsa_modexpo(struct ap_perms *perms,
  527. struct zcrypt_track *tr,
  528. struct ica_rsa_modexpo *mex)
  529. {
  530. struct zcrypt_card *zc, *pref_zc;
  531. struct zcrypt_queue *zq, *pref_zq;
  532. struct ap_message ap_msg;
  533. unsigned int wgt = 0, pref_wgt = 0;
  534. unsigned int func_code = 0;
  535. int cpen, qpen, qid = 0, rc;
  536. struct module *mod;
  537. trace_s390_zcrypt_req(mex, TP_ICARSAMODEXPO);
  538. rc = ap_init_apmsg(&ap_msg, 0);
  539. if (rc)
  540. goto out;
  541. if (mex->outputdatalength < mex->inputdatalength) {
  542. rc = -EINVAL;
  543. goto out;
  544. }
  545. /*
  546. * As long as outputdatalength is big enough, we can set the
  547. * outputdatalength equal to the inputdatalength, since that is the
  548. * number of bytes we will copy in any case
  549. */
  550. mex->outputdatalength = mex->inputdatalength;
  551. rc = get_rsa_modex_fc(mex, &func_code);
  552. if (rc)
  553. goto out;
  554. pref_zc = NULL;
  555. pref_zq = NULL;
  556. spin_lock(&zcrypt_list_lock);
  557. for_each_zcrypt_card(zc) {
  558. /* Check for usable accelerator or CCA card */
  559. if (!zc->online || !zc->card->config || zc->card->chkstop ||
  560. !(zc->card->hwinfo.accel || zc->card->hwinfo.cca))
  561. continue;
  562. /* Check for size limits */
  563. if (zc->min_mod_size > mex->inputdatalength ||
  564. zc->max_mod_size < mex->inputdatalength)
  565. continue;
  566. /* check if device node has admission for this card */
  567. if (!zcrypt_check_card(perms, zc->card->id))
  568. continue;
  569. /* get weight index of the card device */
  570. wgt = zc->speed_rating[func_code];
  571. /* penalty if this msg was previously sent via this card */
  572. cpen = (tr && tr->again_counter && tr->last_qid &&
  573. AP_QID_CARD(tr->last_qid) == zc->card->id) ?
  574. TRACK_AGAIN_CARD_WEIGHT_PENALTY : 0;
  575. if (!zcrypt_card_compare(zc, pref_zc, wgt + cpen, pref_wgt))
  576. continue;
  577. for_each_zcrypt_queue(zq, zc) {
  578. /* check if device is usable and eligible */
  579. if (!zq->online || !zq->ops->rsa_modexpo ||
  580. !ap_queue_usable(zq->queue))
  581. continue;
  582. /* check if device node has admission for this queue */
  583. if (!zcrypt_check_queue(perms,
  584. AP_QID_QUEUE(zq->queue->qid)))
  585. continue;
  586. /* penalty if the msg was previously sent at this qid */
  587. qpen = (tr && tr->again_counter && tr->last_qid &&
  588. tr->last_qid == zq->queue->qid) ?
  589. TRACK_AGAIN_QUEUE_WEIGHT_PENALTY : 0;
  590. if (!zcrypt_queue_compare(zq, pref_zq,
  591. wgt + cpen + qpen, pref_wgt))
  592. continue;
  593. pref_zc = zc;
  594. pref_zq = zq;
  595. pref_wgt = wgt + cpen + qpen;
  596. }
  597. }
  598. pref_zq = zcrypt_pick_queue(pref_zc, pref_zq, &mod, wgt);
  599. spin_unlock(&zcrypt_list_lock);
  600. if (!pref_zq) {
  601. pr_debug("no matching queue found => ENODEV\n");
  602. rc = -ENODEV;
  603. goto out;
  604. }
  605. qid = pref_zq->queue->qid;
  606. rc = pref_zq->ops->rsa_modexpo(pref_zq, mex, &ap_msg);
  607. spin_lock(&zcrypt_list_lock);
  608. zcrypt_drop_queue(pref_zc, pref_zq, mod, wgt);
  609. spin_unlock(&zcrypt_list_lock);
  610. out:
  611. ap_release_apmsg(&ap_msg);
  612. if (tr) {
  613. tr->last_rc = rc;
  614. tr->last_qid = qid;
  615. }
  616. trace_s390_zcrypt_rep(mex, func_code, rc,
  617. AP_QID_CARD(qid), AP_QID_QUEUE(qid),
  618. ap_msg.psmid);
  619. return rc;
  620. }
  621. static long zcrypt_rsa_crt(struct ap_perms *perms,
  622. struct zcrypt_track *tr,
  623. struct ica_rsa_modexpo_crt *crt)
  624. {
  625. struct zcrypt_card *zc, *pref_zc;
  626. struct zcrypt_queue *zq, *pref_zq;
  627. struct ap_message ap_msg;
  628. unsigned int wgt = 0, pref_wgt = 0;
  629. unsigned int func_code = 0;
  630. int cpen, qpen, qid = 0, rc;
  631. struct module *mod;
  632. trace_s390_zcrypt_req(crt, TP_ICARSACRT);
  633. rc = ap_init_apmsg(&ap_msg, 0);
  634. if (rc)
  635. goto out;
  636. if (crt->outputdatalength < crt->inputdatalength) {
  637. rc = -EINVAL;
  638. goto out;
  639. }
  640. /*
  641. * As long as outputdatalength is big enough, we can set the
  642. * outputdatalength equal to the inputdatalength, since that is the
  643. * number of bytes we will copy in any case
  644. */
  645. crt->outputdatalength = crt->inputdatalength;
  646. rc = get_rsa_crt_fc(crt, &func_code);
  647. if (rc)
  648. goto out;
  649. pref_zc = NULL;
  650. pref_zq = NULL;
  651. spin_lock(&zcrypt_list_lock);
  652. for_each_zcrypt_card(zc) {
  653. /* Check for usable accelerator or CCA card */
  654. if (!zc->online || !zc->card->config || zc->card->chkstop ||
  655. !(zc->card->hwinfo.accel || zc->card->hwinfo.cca))
  656. continue;
  657. /* Check for size limits */
  658. if (zc->min_mod_size > crt->inputdatalength ||
  659. zc->max_mod_size < crt->inputdatalength)
  660. continue;
  661. /* check if device node has admission for this card */
  662. if (!zcrypt_check_card(perms, zc->card->id))
  663. continue;
  664. /* get weight index of the card device */
  665. wgt = zc->speed_rating[func_code];
  666. /* penalty if this msg was previously sent via this card */
  667. cpen = (tr && tr->again_counter && tr->last_qid &&
  668. AP_QID_CARD(tr->last_qid) == zc->card->id) ?
  669. TRACK_AGAIN_CARD_WEIGHT_PENALTY : 0;
  670. if (!zcrypt_card_compare(zc, pref_zc, wgt + cpen, pref_wgt))
  671. continue;
  672. for_each_zcrypt_queue(zq, zc) {
  673. /* check if device is usable and eligible */
  674. if (!zq->online || !zq->ops->rsa_modexpo_crt ||
  675. !ap_queue_usable(zq->queue))
  676. continue;
  677. /* check if device node has admission for this queue */
  678. if (!zcrypt_check_queue(perms,
  679. AP_QID_QUEUE(zq->queue->qid)))
  680. continue;
  681. /* penalty if the msg was previously sent at this qid */
  682. qpen = (tr && tr->again_counter && tr->last_qid &&
  683. tr->last_qid == zq->queue->qid) ?
  684. TRACK_AGAIN_QUEUE_WEIGHT_PENALTY : 0;
  685. if (!zcrypt_queue_compare(zq, pref_zq,
  686. wgt + cpen + qpen, pref_wgt))
  687. continue;
  688. pref_zc = zc;
  689. pref_zq = zq;
  690. pref_wgt = wgt + cpen + qpen;
  691. }
  692. }
  693. pref_zq = zcrypt_pick_queue(pref_zc, pref_zq, &mod, wgt);
  694. spin_unlock(&zcrypt_list_lock);
  695. if (!pref_zq) {
  696. pr_debug("no matching queue found => ENODEV\n");
  697. rc = -ENODEV;
  698. goto out;
  699. }
  700. qid = pref_zq->queue->qid;
  701. rc = pref_zq->ops->rsa_modexpo_crt(pref_zq, crt, &ap_msg);
  702. spin_lock(&zcrypt_list_lock);
  703. zcrypt_drop_queue(pref_zc, pref_zq, mod, wgt);
  704. spin_unlock(&zcrypt_list_lock);
  705. out:
  706. ap_release_apmsg(&ap_msg);
  707. if (tr) {
  708. tr->last_rc = rc;
  709. tr->last_qid = qid;
  710. }
  711. trace_s390_zcrypt_rep(crt, func_code, rc,
  712. AP_QID_CARD(qid), AP_QID_QUEUE(qid),
  713. ap_msg.psmid);
  714. return rc;
  715. }
  716. static long _zcrypt_send_cprb(u32 xflags, struct ap_perms *perms,
  717. struct zcrypt_track *tr,
  718. struct ica_xcRB *xcrb)
  719. {
  720. bool userspace = xflags & ZCRYPT_XFLAG_USERSPACE;
  721. struct zcrypt_card *zc, *pref_zc;
  722. struct zcrypt_queue *zq, *pref_zq;
  723. struct ap_message ap_msg;
  724. unsigned int wgt = 0, pref_wgt = 0;
  725. unsigned int func_code = 0;
  726. unsigned short *domain, tdom;
  727. int cpen, qpen, qid = 0, rc;
  728. struct module *mod;
  729. trace_s390_zcrypt_req(xcrb, TB_ZSECSENDCPRB);
  730. xcrb->status = 0;
  731. rc = ap_init_apmsg(&ap_msg, xflags & ZCRYPT_XFLAG_NOMEMALLOC ?
  732. AP_MSG_FLAG_MEMPOOL : 0);
  733. if (rc)
  734. goto out;
  735. rc = prep_cca_ap_msg(userspace, xcrb, &ap_msg, &func_code, &domain);
  736. if (rc)
  737. goto out;
  738. print_hex_dump_debug("ccareq: ", DUMP_PREFIX_ADDRESS, 16, 1,
  739. ap_msg.msg, ap_msg.len, false);
  740. tdom = *domain;
  741. if (perms != &ap_perms && tdom < AP_DOMAINS) {
  742. if (ap_msg.flags & AP_MSG_FLAG_ADMIN) {
  743. if (!test_bit_inv(tdom, perms->adm)) {
  744. rc = -ENODEV;
  745. goto out;
  746. }
  747. } else if ((ap_msg.flags & AP_MSG_FLAG_USAGE) == 0) {
  748. rc = -EOPNOTSUPP;
  749. goto out;
  750. }
  751. }
  752. /*
  753. * If a valid target domain is set and this domain is NOT a usage
  754. * domain but a control only domain, autoselect target domain.
  755. */
  756. if (tdom < AP_DOMAINS &&
  757. !ap_test_config_usage_domain(tdom) &&
  758. ap_test_config_ctrl_domain(tdom))
  759. tdom = AUTOSEL_DOM;
  760. pref_zc = NULL;
  761. pref_zq = NULL;
  762. spin_lock(&zcrypt_list_lock);
  763. for_each_zcrypt_card(zc) {
  764. /* Check for usable CCA card */
  765. if (!zc->online || !zc->card->config || zc->card->chkstop ||
  766. !zc->card->hwinfo.cca)
  767. continue;
  768. /* Check for user selected CCA card */
  769. if (xcrb->user_defined != AUTOSELECT &&
  770. xcrb->user_defined != zc->card->id)
  771. continue;
  772. /* check if request size exceeds card max msg size */
  773. if (ap_msg.len > zc->card->maxmsgsize)
  774. continue;
  775. /* check if device node has admission for this card */
  776. if (!zcrypt_check_card(perms, zc->card->id))
  777. continue;
  778. /* get weight index of the card device */
  779. wgt = speed_idx_cca(func_code) * zc->speed_rating[SECKEY];
  780. /* penalty if this msg was previously sent via this card */
  781. cpen = (tr && tr->again_counter && tr->last_qid &&
  782. AP_QID_CARD(tr->last_qid) == zc->card->id) ?
  783. TRACK_AGAIN_CARD_WEIGHT_PENALTY : 0;
  784. if (!zcrypt_card_compare(zc, pref_zc, wgt + cpen, pref_wgt))
  785. continue;
  786. for_each_zcrypt_queue(zq, zc) {
  787. /* check for device usable and eligible */
  788. if (!zq->online || !zq->ops->send_cprb ||
  789. !ap_queue_usable(zq->queue) ||
  790. (tdom != AUTOSEL_DOM &&
  791. tdom != AP_QID_QUEUE(zq->queue->qid)))
  792. continue;
  793. /* check if device node has admission for this queue */
  794. if (!zcrypt_check_queue(perms,
  795. AP_QID_QUEUE(zq->queue->qid)))
  796. continue;
  797. /* penalty if the msg was previously sent at this qid */
  798. qpen = (tr && tr->again_counter && tr->last_qid &&
  799. tr->last_qid == zq->queue->qid) ?
  800. TRACK_AGAIN_QUEUE_WEIGHT_PENALTY : 0;
  801. if (!zcrypt_queue_compare(zq, pref_zq,
  802. wgt + cpen + qpen, pref_wgt))
  803. continue;
  804. pref_zc = zc;
  805. pref_zq = zq;
  806. pref_wgt = wgt + cpen + qpen;
  807. }
  808. }
  809. pref_zq = zcrypt_pick_queue(pref_zc, pref_zq, &mod, wgt);
  810. spin_unlock(&zcrypt_list_lock);
  811. if (!pref_zq) {
  812. pr_debug("no match for address %02x.%04x => ENODEV\n",
  813. xcrb->user_defined, *domain);
  814. rc = -ENODEV;
  815. goto out;
  816. }
  817. /* in case of auto select, provide the correct domain */
  818. qid = pref_zq->queue->qid;
  819. if (*domain == AUTOSEL_DOM)
  820. *domain = AP_QID_QUEUE(qid);
  821. rc = pref_zq->ops->send_cprb(userspace, pref_zq, xcrb, &ap_msg);
  822. if (!rc) {
  823. print_hex_dump_debug("ccarpl: ", DUMP_PREFIX_ADDRESS, 16, 1,
  824. ap_msg.msg, ap_msg.len, false);
  825. }
  826. spin_lock(&zcrypt_list_lock);
  827. zcrypt_drop_queue(pref_zc, pref_zq, mod, wgt);
  828. spin_unlock(&zcrypt_list_lock);
  829. out:
  830. ap_release_apmsg(&ap_msg);
  831. if (tr) {
  832. tr->last_rc = rc;
  833. tr->last_qid = qid;
  834. }
  835. trace_s390_zcrypt_rep(xcrb, func_code, rc,
  836. AP_QID_CARD(qid), AP_QID_QUEUE(qid),
  837. ap_msg.psmid);
  838. return rc;
  839. }
  840. long zcrypt_send_cprb(struct ica_xcRB *xcrb, u32 xflags)
  841. {
  842. struct zcrypt_track tr;
  843. int rc;
  844. memset(&tr, 0, sizeof(tr));
  845. do {
  846. rc = _zcrypt_send_cprb(xflags, &ap_perms, &tr, xcrb);
  847. } while (rc == -EAGAIN && ++tr.again_counter < TRACK_AGAIN_MAX);
  848. /* on ENODEV failure: retry once again after a requested rescan */
  849. if (rc == -ENODEV && zcrypt_process_rescan())
  850. do {
  851. rc = _zcrypt_send_cprb(xflags, &ap_perms, &tr, xcrb);
  852. } while (rc == -EAGAIN && ++tr.again_counter < TRACK_AGAIN_MAX);
  853. if (rc == -EAGAIN && tr.again_counter >= TRACK_AGAIN_MAX)
  854. rc = -EIO;
  855. if (rc)
  856. pr_debug("rc=%d\n", rc);
  857. return rc;
  858. }
  859. EXPORT_SYMBOL(zcrypt_send_cprb);
  860. static bool is_desired_ep11_card(unsigned int dev_id,
  861. unsigned short target_num,
  862. struct ep11_target_dev *targets)
  863. {
  864. while (target_num-- > 0) {
  865. if (targets->ap_id == dev_id || targets->ap_id == AUTOSEL_AP)
  866. return true;
  867. targets++;
  868. }
  869. return false;
  870. }
  871. static bool is_desired_ep11_queue(unsigned int dev_qid,
  872. unsigned short target_num,
  873. struct ep11_target_dev *targets)
  874. {
  875. int card = AP_QID_CARD(dev_qid), dom = AP_QID_QUEUE(dev_qid);
  876. while (target_num-- > 0) {
  877. if ((targets->ap_id == card || targets->ap_id == AUTOSEL_AP) &&
  878. (targets->dom_id == dom || targets->dom_id == AUTOSEL_DOM))
  879. return true;
  880. targets++;
  881. }
  882. return false;
  883. }
  884. static long _zcrypt_send_ep11_cprb(u32 xflags, struct ap_perms *perms,
  885. struct zcrypt_track *tr,
  886. struct ep11_urb *xcrb)
  887. {
  888. bool userspace = xflags & ZCRYPT_XFLAG_USERSPACE;
  889. struct zcrypt_card *zc, *pref_zc;
  890. struct zcrypt_queue *zq, *pref_zq;
  891. struct ep11_target_dev *targets = NULL;
  892. unsigned short target_num;
  893. unsigned int wgt = 0, pref_wgt = 0;
  894. unsigned int func_code = 0, domain;
  895. struct ap_message ap_msg;
  896. int cpen, qpen, qid = 0, rc;
  897. struct module *mod;
  898. trace_s390_zcrypt_req(xcrb, TP_ZSENDEP11CPRB);
  899. rc = ap_init_apmsg(&ap_msg, xflags & ZCRYPT_XFLAG_NOMEMALLOC ?
  900. AP_MSG_FLAG_MEMPOOL : 0);
  901. if (rc)
  902. goto out;
  903. target_num = (unsigned short)xcrb->targets_num;
  904. /* empty list indicates autoselect (all available targets) */
  905. rc = -ENOMEM;
  906. if (target_num != 0) {
  907. if (userspace) {
  908. targets = kzalloc_objs(*targets, target_num);
  909. if (!targets)
  910. goto out;
  911. if (copy_from_user(targets, xcrb->targets,
  912. target_num * sizeof(*targets))) {
  913. rc = -EFAULT;
  914. goto out;
  915. }
  916. } else {
  917. targets = (struct ep11_target_dev __force __kernel *)xcrb->targets;
  918. }
  919. }
  920. rc = prep_ep11_ap_msg(userspace, xcrb, &ap_msg, &func_code, &domain);
  921. if (rc)
  922. goto out;
  923. print_hex_dump_debug("ep11req: ", DUMP_PREFIX_ADDRESS, 16, 1,
  924. ap_msg.msg, ap_msg.len, false);
  925. if (perms != &ap_perms && domain < AUTOSEL_DOM) {
  926. if (ap_msg.flags & AP_MSG_FLAG_ADMIN) {
  927. if (!test_bit_inv(domain, perms->adm)) {
  928. rc = -ENODEV;
  929. goto out;
  930. }
  931. } else if ((ap_msg.flags & AP_MSG_FLAG_USAGE) == 0) {
  932. rc = -EOPNOTSUPP;
  933. goto out;
  934. }
  935. }
  936. pref_zc = NULL;
  937. pref_zq = NULL;
  938. spin_lock(&zcrypt_list_lock);
  939. for_each_zcrypt_card(zc) {
  940. /* Check for usable EP11 card */
  941. if (!zc->online || !zc->card->config || zc->card->chkstop ||
  942. !zc->card->hwinfo.ep11)
  943. continue;
  944. /* Check for user selected EP11 card */
  945. if (targets &&
  946. !is_desired_ep11_card(zc->card->id, target_num, targets))
  947. continue;
  948. /* check if request size exceeds card max msg size */
  949. if (ap_msg.len > zc->card->maxmsgsize)
  950. continue;
  951. /* check if device node has admission for this card */
  952. if (!zcrypt_check_card(perms, zc->card->id))
  953. continue;
  954. /* get weight index of the card device */
  955. wgt = speed_idx_ep11(func_code) * zc->speed_rating[SECKEY];
  956. /* penalty if this msg was previously sent via this card */
  957. cpen = (tr && tr->again_counter && tr->last_qid &&
  958. AP_QID_CARD(tr->last_qid) == zc->card->id) ?
  959. TRACK_AGAIN_CARD_WEIGHT_PENALTY : 0;
  960. if (!zcrypt_card_compare(zc, pref_zc, wgt + cpen, pref_wgt))
  961. continue;
  962. for_each_zcrypt_queue(zq, zc) {
  963. /* check if device is usable and eligible */
  964. if (!zq->online || !zq->ops->send_ep11_cprb ||
  965. !ap_queue_usable(zq->queue) ||
  966. (targets &&
  967. !is_desired_ep11_queue(zq->queue->qid,
  968. target_num, targets)))
  969. continue;
  970. /* check if device node has admission for this queue */
  971. if (!zcrypt_check_queue(perms,
  972. AP_QID_QUEUE(zq->queue->qid)))
  973. continue;
  974. /* penalty if the msg was previously sent at this qid */
  975. qpen = (tr && tr->again_counter && tr->last_qid &&
  976. tr->last_qid == zq->queue->qid) ?
  977. TRACK_AGAIN_QUEUE_WEIGHT_PENALTY : 0;
  978. if (!zcrypt_queue_compare(zq, pref_zq,
  979. wgt + cpen + qpen, pref_wgt))
  980. continue;
  981. pref_zc = zc;
  982. pref_zq = zq;
  983. pref_wgt = wgt + cpen + qpen;
  984. }
  985. }
  986. pref_zq = zcrypt_pick_queue(pref_zc, pref_zq, &mod, wgt);
  987. spin_unlock(&zcrypt_list_lock);
  988. if (!pref_zq) {
  989. if (targets && target_num == 1) {
  990. pr_debug("no match for address %02x.%04x => ENODEV\n",
  991. (int)targets->ap_id, (int)targets->dom_id);
  992. } else if (targets) {
  993. pr_debug("no match for %d target addrs => ENODEV\n",
  994. (int)target_num);
  995. } else {
  996. pr_debug("no match for address ff.ffff => ENODEV\n");
  997. }
  998. rc = -ENODEV;
  999. goto out;
  1000. }
  1001. qid = pref_zq->queue->qid;
  1002. rc = pref_zq->ops->send_ep11_cprb(userspace, pref_zq, xcrb, &ap_msg);
  1003. if (!rc) {
  1004. print_hex_dump_debug("ep11rpl: ", DUMP_PREFIX_ADDRESS, 16, 1,
  1005. ap_msg.msg, ap_msg.len, false);
  1006. }
  1007. spin_lock(&zcrypt_list_lock);
  1008. zcrypt_drop_queue(pref_zc, pref_zq, mod, wgt);
  1009. spin_unlock(&zcrypt_list_lock);
  1010. out:
  1011. if (userspace)
  1012. kfree(targets);
  1013. ap_release_apmsg(&ap_msg);
  1014. if (tr) {
  1015. tr->last_rc = rc;
  1016. tr->last_qid = qid;
  1017. }
  1018. trace_s390_zcrypt_rep(xcrb, func_code, rc,
  1019. AP_QID_CARD(qid), AP_QID_QUEUE(qid),
  1020. ap_msg.psmid);
  1021. return rc;
  1022. }
  1023. long zcrypt_send_ep11_cprb(struct ep11_urb *xcrb, u32 xflags)
  1024. {
  1025. struct zcrypt_track tr;
  1026. int rc;
  1027. memset(&tr, 0, sizeof(tr));
  1028. do {
  1029. rc = _zcrypt_send_ep11_cprb(xflags, &ap_perms, &tr, xcrb);
  1030. } while (rc == -EAGAIN && ++tr.again_counter < TRACK_AGAIN_MAX);
  1031. /* on ENODEV failure: retry once again after a requested rescan */
  1032. if (rc == -ENODEV && zcrypt_process_rescan())
  1033. do {
  1034. rc = _zcrypt_send_ep11_cprb(xflags, &ap_perms, &tr, xcrb);
  1035. } while (rc == -EAGAIN && ++tr.again_counter < TRACK_AGAIN_MAX);
  1036. if (rc == -EAGAIN && tr.again_counter >= TRACK_AGAIN_MAX)
  1037. rc = -EIO;
  1038. if (rc)
  1039. pr_debug("rc=%d\n", rc);
  1040. return rc;
  1041. }
  1042. EXPORT_SYMBOL(zcrypt_send_ep11_cprb);
  1043. static long zcrypt_rng(char *buffer)
  1044. {
  1045. struct zcrypt_card *zc, *pref_zc;
  1046. struct zcrypt_queue *zq, *pref_zq;
  1047. unsigned int wgt = 0, pref_wgt = 0;
  1048. unsigned int func_code = 0;
  1049. struct ap_message ap_msg;
  1050. unsigned int domain;
  1051. int qid = 0, rc = -ENODEV;
  1052. struct module *mod;
  1053. trace_s390_zcrypt_req(buffer, TP_HWRNGCPRB);
  1054. rc = ap_init_apmsg(&ap_msg, 0);
  1055. if (rc)
  1056. goto out;
  1057. rc = prep_rng_ap_msg(&ap_msg, &func_code, &domain);
  1058. if (rc)
  1059. goto out;
  1060. pref_zc = NULL;
  1061. pref_zq = NULL;
  1062. spin_lock(&zcrypt_list_lock);
  1063. for_each_zcrypt_card(zc) {
  1064. /* Check for usable CCA card */
  1065. if (!zc->online || !zc->card->config || zc->card->chkstop ||
  1066. !zc->card->hwinfo.cca)
  1067. continue;
  1068. /* get weight index of the card device */
  1069. wgt = zc->speed_rating[func_code];
  1070. if (!zcrypt_card_compare(zc, pref_zc, wgt, pref_wgt))
  1071. continue;
  1072. for_each_zcrypt_queue(zq, zc) {
  1073. /* check if device is usable and eligible */
  1074. if (!zq->online || !zq->ops->rng ||
  1075. !ap_queue_usable(zq->queue))
  1076. continue;
  1077. if (!zcrypt_queue_compare(zq, pref_zq, wgt, pref_wgt))
  1078. continue;
  1079. pref_zc = zc;
  1080. pref_zq = zq;
  1081. pref_wgt = wgt;
  1082. }
  1083. }
  1084. pref_zq = zcrypt_pick_queue(pref_zc, pref_zq, &mod, wgt);
  1085. spin_unlock(&zcrypt_list_lock);
  1086. if (!pref_zq) {
  1087. pr_debug("no matching queue found => ENODEV\n");
  1088. rc = -ENODEV;
  1089. goto out;
  1090. }
  1091. qid = pref_zq->queue->qid;
  1092. rc = pref_zq->ops->rng(pref_zq, buffer, &ap_msg);
  1093. spin_lock(&zcrypt_list_lock);
  1094. zcrypt_drop_queue(pref_zc, pref_zq, mod, wgt);
  1095. spin_unlock(&zcrypt_list_lock);
  1096. out:
  1097. ap_release_apmsg(&ap_msg);
  1098. trace_s390_zcrypt_rep(buffer, func_code, rc,
  1099. AP_QID_CARD(qid), AP_QID_QUEUE(qid),
  1100. ap_msg.psmid);
  1101. return rc;
  1102. }
  1103. static void zcrypt_device_status_mask(struct zcrypt_device_status *devstatus)
  1104. {
  1105. struct zcrypt_card *zc;
  1106. struct zcrypt_queue *zq;
  1107. struct zcrypt_device_status *stat;
  1108. int card, queue;
  1109. memset(devstatus, 0, MAX_ZDEV_ENTRIES
  1110. * sizeof(struct zcrypt_device_status));
  1111. spin_lock(&zcrypt_list_lock);
  1112. for_each_zcrypt_card(zc) {
  1113. for_each_zcrypt_queue(zq, zc) {
  1114. card = AP_QID_CARD(zq->queue->qid);
  1115. if (card >= MAX_ZDEV_CARDIDS)
  1116. continue;
  1117. queue = AP_QID_QUEUE(zq->queue->qid);
  1118. stat = &devstatus[card * AP_DOMAINS + queue];
  1119. stat->hwtype = zc->card->ap_dev.device_type;
  1120. stat->functions = zc->card->hwinfo.fac >> 26;
  1121. stat->qid = zq->queue->qid;
  1122. stat->online = zq->online ? 0x01 : 0x00;
  1123. }
  1124. }
  1125. spin_unlock(&zcrypt_list_lock);
  1126. }
  1127. void zcrypt_device_status_mask_ext(struct zcrypt_device_status_ext *devstatus,
  1128. int maxcard, int maxqueue)
  1129. {
  1130. struct zcrypt_card *zc;
  1131. struct zcrypt_queue *zq;
  1132. struct zcrypt_device_status_ext *stat;
  1133. int card, queue;
  1134. maxcard = min_t(int, maxcard, MAX_ZDEV_CARDIDS_EXT);
  1135. maxqueue = min_t(int, maxqueue, MAX_ZDEV_DOMAINS_EXT);
  1136. spin_lock(&zcrypt_list_lock);
  1137. for_each_zcrypt_card(zc) {
  1138. for_each_zcrypt_queue(zq, zc) {
  1139. card = AP_QID_CARD(zq->queue->qid);
  1140. queue = AP_QID_QUEUE(zq->queue->qid);
  1141. if (card >= maxcard || queue >= maxqueue)
  1142. continue;
  1143. stat = &devstatus[card * maxqueue + queue];
  1144. stat->hwtype = zc->card->ap_dev.device_type;
  1145. stat->functions = zc->card->hwinfo.fac >> 26;
  1146. stat->qid = zq->queue->qid;
  1147. stat->online = zq->online ? 0x01 : 0x00;
  1148. }
  1149. }
  1150. spin_unlock(&zcrypt_list_lock);
  1151. }
  1152. EXPORT_SYMBOL(zcrypt_device_status_mask_ext);
  1153. int zcrypt_device_status_ext(int card, int queue,
  1154. struct zcrypt_device_status_ext *devstat)
  1155. {
  1156. struct zcrypt_card *zc;
  1157. struct zcrypt_queue *zq;
  1158. memset(devstat, 0, sizeof(*devstat));
  1159. spin_lock(&zcrypt_list_lock);
  1160. for_each_zcrypt_card(zc) {
  1161. for_each_zcrypt_queue(zq, zc) {
  1162. if (card == AP_QID_CARD(zq->queue->qid) &&
  1163. queue == AP_QID_QUEUE(zq->queue->qid)) {
  1164. devstat->hwtype = zc->card->ap_dev.device_type;
  1165. devstat->functions = zc->card->hwinfo.fac >> 26;
  1166. devstat->qid = zq->queue->qid;
  1167. devstat->online = zq->online ? 0x01 : 0x00;
  1168. spin_unlock(&zcrypt_list_lock);
  1169. return 0;
  1170. }
  1171. }
  1172. }
  1173. spin_unlock(&zcrypt_list_lock);
  1174. return -ENODEV;
  1175. }
  1176. EXPORT_SYMBOL(zcrypt_device_status_ext);
  1177. static void zcrypt_status_mask(char status[], size_t max_adapters)
  1178. {
  1179. struct zcrypt_card *zc;
  1180. struct zcrypt_queue *zq;
  1181. int card;
  1182. memset(status, 0, max_adapters);
  1183. spin_lock(&zcrypt_list_lock);
  1184. for_each_zcrypt_card(zc) {
  1185. for_each_zcrypt_queue(zq, zc) {
  1186. card = AP_QID_CARD(zq->queue->qid);
  1187. if (AP_QID_QUEUE(zq->queue->qid) != ap_domain_index ||
  1188. card >= max_adapters)
  1189. continue;
  1190. status[card] = zc->online ? zc->user_space_type : 0x0d;
  1191. }
  1192. }
  1193. spin_unlock(&zcrypt_list_lock);
  1194. }
  1195. static void zcrypt_qdepth_mask(char qdepth[], size_t max_adapters)
  1196. {
  1197. struct zcrypt_card *zc;
  1198. struct zcrypt_queue *zq;
  1199. int card;
  1200. memset(qdepth, 0, max_adapters);
  1201. spin_lock(&zcrypt_list_lock);
  1202. local_bh_disable();
  1203. for_each_zcrypt_card(zc) {
  1204. for_each_zcrypt_queue(zq, zc) {
  1205. card = AP_QID_CARD(zq->queue->qid);
  1206. if (AP_QID_QUEUE(zq->queue->qid) != ap_domain_index ||
  1207. card >= max_adapters)
  1208. continue;
  1209. spin_lock(&zq->queue->lock);
  1210. qdepth[card] =
  1211. zq->queue->pendingq_count +
  1212. zq->queue->requestq_count;
  1213. spin_unlock(&zq->queue->lock);
  1214. }
  1215. }
  1216. local_bh_enable();
  1217. spin_unlock(&zcrypt_list_lock);
  1218. }
  1219. static void zcrypt_perdev_reqcnt(u32 reqcnt[], size_t max_adapters)
  1220. {
  1221. struct zcrypt_card *zc;
  1222. struct zcrypt_queue *zq;
  1223. int card;
  1224. u64 cnt;
  1225. memset(reqcnt, 0, sizeof(int) * max_adapters);
  1226. spin_lock(&zcrypt_list_lock);
  1227. local_bh_disable();
  1228. for_each_zcrypt_card(zc) {
  1229. for_each_zcrypt_queue(zq, zc) {
  1230. card = AP_QID_CARD(zq->queue->qid);
  1231. if (AP_QID_QUEUE(zq->queue->qid) != ap_domain_index ||
  1232. card >= max_adapters)
  1233. continue;
  1234. spin_lock(&zq->queue->lock);
  1235. cnt = zq->queue->total_request_count;
  1236. spin_unlock(&zq->queue->lock);
  1237. reqcnt[card] = (cnt < UINT_MAX) ? (u32)cnt : UINT_MAX;
  1238. }
  1239. }
  1240. local_bh_enable();
  1241. spin_unlock(&zcrypt_list_lock);
  1242. }
  1243. static int zcrypt_pendingq_count(void)
  1244. {
  1245. struct zcrypt_card *zc;
  1246. struct zcrypt_queue *zq;
  1247. int pendingq_count;
  1248. pendingq_count = 0;
  1249. spin_lock(&zcrypt_list_lock);
  1250. local_bh_disable();
  1251. for_each_zcrypt_card(zc) {
  1252. for_each_zcrypt_queue(zq, zc) {
  1253. if (AP_QID_QUEUE(zq->queue->qid) != ap_domain_index)
  1254. continue;
  1255. spin_lock(&zq->queue->lock);
  1256. pendingq_count += zq->queue->pendingq_count;
  1257. spin_unlock(&zq->queue->lock);
  1258. }
  1259. }
  1260. local_bh_enable();
  1261. spin_unlock(&zcrypt_list_lock);
  1262. return pendingq_count;
  1263. }
  1264. static int zcrypt_requestq_count(void)
  1265. {
  1266. struct zcrypt_card *zc;
  1267. struct zcrypt_queue *zq;
  1268. int requestq_count;
  1269. requestq_count = 0;
  1270. spin_lock(&zcrypt_list_lock);
  1271. local_bh_disable();
  1272. for_each_zcrypt_card(zc) {
  1273. for_each_zcrypt_queue(zq, zc) {
  1274. if (AP_QID_QUEUE(zq->queue->qid) != ap_domain_index)
  1275. continue;
  1276. spin_lock(&zq->queue->lock);
  1277. requestq_count += zq->queue->requestq_count;
  1278. spin_unlock(&zq->queue->lock);
  1279. }
  1280. }
  1281. local_bh_enable();
  1282. spin_unlock(&zcrypt_list_lock);
  1283. return requestq_count;
  1284. }
  1285. static int icarsamodexpo_ioctl(struct ap_perms *perms, unsigned long arg)
  1286. {
  1287. int rc;
  1288. struct zcrypt_track tr;
  1289. struct ica_rsa_modexpo mex;
  1290. struct ica_rsa_modexpo __user *umex = (void __user *)arg;
  1291. memset(&tr, 0, sizeof(tr));
  1292. if (copy_from_user(&mex, umex, sizeof(mex)))
  1293. return -EFAULT;
  1294. do {
  1295. rc = zcrypt_rsa_modexpo(perms, &tr, &mex);
  1296. } while (rc == -EAGAIN && ++tr.again_counter < TRACK_AGAIN_MAX);
  1297. /* on ENODEV failure: retry once again after a requested rescan */
  1298. if (rc == -ENODEV && zcrypt_process_rescan())
  1299. do {
  1300. rc = zcrypt_rsa_modexpo(perms, &tr, &mex);
  1301. } while (rc == -EAGAIN && ++tr.again_counter < TRACK_AGAIN_MAX);
  1302. if (rc == -EAGAIN && tr.again_counter >= TRACK_AGAIN_MAX)
  1303. rc = -EIO;
  1304. if (rc) {
  1305. pr_debug("ioctl ICARSAMODEXPO rc=%d\n", rc);
  1306. return rc;
  1307. }
  1308. return put_user(mex.outputdatalength, &umex->outputdatalength);
  1309. }
  1310. static int icarsacrt_ioctl(struct ap_perms *perms, unsigned long arg)
  1311. {
  1312. int rc;
  1313. struct zcrypt_track tr;
  1314. struct ica_rsa_modexpo_crt crt;
  1315. struct ica_rsa_modexpo_crt __user *ucrt = (void __user *)arg;
  1316. memset(&tr, 0, sizeof(tr));
  1317. if (copy_from_user(&crt, ucrt, sizeof(crt)))
  1318. return -EFAULT;
  1319. do {
  1320. rc = zcrypt_rsa_crt(perms, &tr, &crt);
  1321. } while (rc == -EAGAIN && ++tr.again_counter < TRACK_AGAIN_MAX);
  1322. /* on ENODEV failure: retry once again after a requested rescan */
  1323. if (rc == -ENODEV && zcrypt_process_rescan())
  1324. do {
  1325. rc = zcrypt_rsa_crt(perms, &tr, &crt);
  1326. } while (rc == -EAGAIN && ++tr.again_counter < TRACK_AGAIN_MAX);
  1327. if (rc == -EAGAIN && tr.again_counter >= TRACK_AGAIN_MAX)
  1328. rc = -EIO;
  1329. if (rc) {
  1330. pr_debug("ioctl ICARSACRT rc=%d\n", rc);
  1331. return rc;
  1332. }
  1333. return put_user(crt.outputdatalength, &ucrt->outputdatalength);
  1334. }
  1335. static int zsecsendcprb_ioctl(struct ap_perms *perms, unsigned long arg)
  1336. {
  1337. int rc;
  1338. struct ica_xcRB xcrb;
  1339. struct zcrypt_track tr;
  1340. u32 xflags = ZCRYPT_XFLAG_USERSPACE;
  1341. struct ica_xcRB __user *uxcrb = (void __user *)arg;
  1342. memset(&tr, 0, sizeof(tr));
  1343. if (copy_from_user(&xcrb, uxcrb, sizeof(xcrb)))
  1344. return -EFAULT;
  1345. do {
  1346. rc = _zcrypt_send_cprb(xflags, perms, &tr, &xcrb);
  1347. } while (rc == -EAGAIN && ++tr.again_counter < TRACK_AGAIN_MAX);
  1348. /* on ENODEV failure: retry once again after a requested rescan */
  1349. if (rc == -ENODEV && zcrypt_process_rescan())
  1350. do {
  1351. rc = _zcrypt_send_cprb(xflags, perms, &tr, &xcrb);
  1352. } while (rc == -EAGAIN && ++tr.again_counter < TRACK_AGAIN_MAX);
  1353. if (rc == -EAGAIN && tr.again_counter >= TRACK_AGAIN_MAX)
  1354. rc = -EIO;
  1355. if (rc)
  1356. pr_debug("ioctl ZSENDCPRB rc=%d status=0x%x\n",
  1357. rc, xcrb.status);
  1358. if (copy_to_user(uxcrb, &xcrb, sizeof(xcrb)))
  1359. return -EFAULT;
  1360. return rc;
  1361. }
  1362. static int zsendep11cprb_ioctl(struct ap_perms *perms, unsigned long arg)
  1363. {
  1364. int rc;
  1365. struct ep11_urb xcrb;
  1366. struct zcrypt_track tr;
  1367. u32 xflags = ZCRYPT_XFLAG_USERSPACE;
  1368. struct ep11_urb __user *uxcrb = (void __user *)arg;
  1369. memset(&tr, 0, sizeof(tr));
  1370. if (copy_from_user(&xcrb, uxcrb, sizeof(xcrb)))
  1371. return -EFAULT;
  1372. do {
  1373. rc = _zcrypt_send_ep11_cprb(xflags, perms, &tr, &xcrb);
  1374. } while (rc == -EAGAIN && ++tr.again_counter < TRACK_AGAIN_MAX);
  1375. /* on ENODEV failure: retry once again after a requested rescan */
  1376. if (rc == -ENODEV && zcrypt_process_rescan())
  1377. do {
  1378. rc = _zcrypt_send_ep11_cprb(xflags, perms, &tr, &xcrb);
  1379. } while (rc == -EAGAIN && ++tr.again_counter < TRACK_AGAIN_MAX);
  1380. if (rc == -EAGAIN && tr.again_counter >= TRACK_AGAIN_MAX)
  1381. rc = -EIO;
  1382. if (rc)
  1383. pr_debug("ioctl ZSENDEP11CPRB rc=%d\n", rc);
  1384. if (copy_to_user(uxcrb, &xcrb, sizeof(xcrb)))
  1385. return -EFAULT;
  1386. return rc;
  1387. }
  1388. static long zcrypt_unlocked_ioctl(struct file *filp, unsigned int cmd,
  1389. unsigned long arg)
  1390. {
  1391. int rc;
  1392. struct ap_perms *perms =
  1393. (struct ap_perms *)filp->private_data;
  1394. rc = zcrypt_check_ioctl(perms, cmd);
  1395. if (rc)
  1396. return rc;
  1397. switch (cmd) {
  1398. case ICARSAMODEXPO:
  1399. return icarsamodexpo_ioctl(perms, arg);
  1400. case ICARSACRT:
  1401. return icarsacrt_ioctl(perms, arg);
  1402. case ZSECSENDCPRB:
  1403. return zsecsendcprb_ioctl(perms, arg);
  1404. case ZSENDEP11CPRB:
  1405. return zsendep11cprb_ioctl(perms, arg);
  1406. case ZCRYPT_DEVICE_STATUS: {
  1407. struct zcrypt_device_status_ext *device_status;
  1408. size_t total_size = MAX_ZDEV_ENTRIES_EXT
  1409. * sizeof(struct zcrypt_device_status_ext);
  1410. device_status = kvzalloc_objs(struct zcrypt_device_status_ext,
  1411. MAX_ZDEV_ENTRIES_EXT);
  1412. if (!device_status)
  1413. return -ENOMEM;
  1414. zcrypt_device_status_mask_ext(device_status,
  1415. MAX_ZDEV_CARDIDS_EXT,
  1416. MAX_ZDEV_DOMAINS_EXT);
  1417. if (copy_to_user((char __user *)arg, device_status,
  1418. total_size))
  1419. rc = -EFAULT;
  1420. kvfree(device_status);
  1421. return rc;
  1422. }
  1423. case ZCRYPT_STATUS_MASK: {
  1424. char status[AP_DEVICES];
  1425. zcrypt_status_mask(status, AP_DEVICES);
  1426. if (copy_to_user((char __user *)arg, status, sizeof(status)))
  1427. return -EFAULT;
  1428. return 0;
  1429. }
  1430. case ZCRYPT_QDEPTH_MASK: {
  1431. char qdepth[AP_DEVICES];
  1432. zcrypt_qdepth_mask(qdepth, AP_DEVICES);
  1433. if (copy_to_user((char __user *)arg, qdepth, sizeof(qdepth)))
  1434. return -EFAULT;
  1435. return 0;
  1436. }
  1437. case ZCRYPT_PERDEV_REQCNT: {
  1438. u32 *reqcnt;
  1439. reqcnt = kcalloc(AP_DEVICES, sizeof(u32), GFP_KERNEL);
  1440. if (!reqcnt)
  1441. return -ENOMEM;
  1442. zcrypt_perdev_reqcnt(reqcnt, AP_DEVICES);
  1443. if (copy_to_user((int __user *)arg, reqcnt,
  1444. sizeof(u32) * AP_DEVICES))
  1445. rc = -EFAULT;
  1446. kfree(reqcnt);
  1447. return rc;
  1448. }
  1449. case Z90STAT_REQUESTQ_COUNT:
  1450. return put_user(zcrypt_requestq_count(), (int __user *)arg);
  1451. case Z90STAT_PENDINGQ_COUNT:
  1452. return put_user(zcrypt_pendingq_count(), (int __user *)arg);
  1453. case Z90STAT_TOTALOPEN_COUNT:
  1454. return put_user(atomic_read(&zcrypt_open_count),
  1455. (int __user *)arg);
  1456. case Z90STAT_DOMAIN_INDEX:
  1457. return put_user(ap_domain_index, (int __user *)arg);
  1458. /*
  1459. * Deprecated ioctls
  1460. */
  1461. case ZDEVICESTATUS: {
  1462. /* the old ioctl supports only 64 adapters */
  1463. struct zcrypt_device_status *device_status;
  1464. size_t total_size = MAX_ZDEV_ENTRIES
  1465. * sizeof(struct zcrypt_device_status);
  1466. device_status = kzalloc(total_size, GFP_KERNEL);
  1467. if (!device_status)
  1468. return -ENOMEM;
  1469. zcrypt_device_status_mask(device_status);
  1470. if (copy_to_user((char __user *)arg, device_status,
  1471. total_size))
  1472. rc = -EFAULT;
  1473. kfree(device_status);
  1474. return rc;
  1475. }
  1476. case Z90STAT_STATUS_MASK: {
  1477. /* the old ioctl supports only 64 adapters */
  1478. char status[MAX_ZDEV_CARDIDS];
  1479. zcrypt_status_mask(status, MAX_ZDEV_CARDIDS);
  1480. if (copy_to_user((char __user *)arg, status, sizeof(status)))
  1481. return -EFAULT;
  1482. return 0;
  1483. }
  1484. case Z90STAT_QDEPTH_MASK: {
  1485. /* the old ioctl supports only 64 adapters */
  1486. char qdepth[MAX_ZDEV_CARDIDS];
  1487. zcrypt_qdepth_mask(qdepth, MAX_ZDEV_CARDIDS);
  1488. if (copy_to_user((char __user *)arg, qdepth, sizeof(qdepth)))
  1489. return -EFAULT;
  1490. return 0;
  1491. }
  1492. case Z90STAT_PERDEV_REQCNT: {
  1493. /* the old ioctl supports only 64 adapters */
  1494. u32 reqcnt[MAX_ZDEV_CARDIDS];
  1495. zcrypt_perdev_reqcnt(reqcnt, MAX_ZDEV_CARDIDS);
  1496. if (copy_to_user((int __user *)arg, reqcnt, sizeof(reqcnt)))
  1497. return -EFAULT;
  1498. return 0;
  1499. }
  1500. /* unknown ioctl number */
  1501. default:
  1502. pr_debug("unknown ioctl 0x%08x\n", cmd);
  1503. return -ENOIOCTLCMD;
  1504. }
  1505. }
  1506. /*
  1507. * Misc device file operations.
  1508. */
  1509. static const struct file_operations zcrypt_fops = {
  1510. .owner = THIS_MODULE,
  1511. .read = zcrypt_read,
  1512. .write = zcrypt_write,
  1513. .unlocked_ioctl = zcrypt_unlocked_ioctl,
  1514. .open = zcrypt_open,
  1515. .release = zcrypt_release,
  1516. };
  1517. /*
  1518. * Misc device.
  1519. */
  1520. static struct miscdevice zcrypt_misc_device = {
  1521. .minor = MISC_DYNAMIC_MINOR,
  1522. .name = "z90crypt",
  1523. .fops = &zcrypt_fops,
  1524. };
  1525. static int zcrypt_rng_device_count;
  1526. static u32 *zcrypt_rng_buffer;
  1527. static int zcrypt_rng_buffer_index;
  1528. static DEFINE_MUTEX(zcrypt_rng_mutex);
  1529. static int zcrypt_rng_data_read(struct hwrng *rng, u32 *data)
  1530. {
  1531. int rc;
  1532. /*
  1533. * We don't need locking here because the RNG API guarantees serialized
  1534. * read method calls.
  1535. */
  1536. if (zcrypt_rng_buffer_index == 0) {
  1537. rc = zcrypt_rng((char *)zcrypt_rng_buffer);
  1538. /* on ENODEV failure: retry once again after an AP bus rescan */
  1539. if (rc == -ENODEV && zcrypt_process_rescan())
  1540. rc = zcrypt_rng((char *)zcrypt_rng_buffer);
  1541. if (rc < 0)
  1542. return -EIO;
  1543. zcrypt_rng_buffer_index = rc / sizeof(*data);
  1544. }
  1545. *data = zcrypt_rng_buffer[--zcrypt_rng_buffer_index];
  1546. return sizeof(*data);
  1547. }
  1548. static struct hwrng zcrypt_rng_dev = {
  1549. .name = "zcrypt",
  1550. .data_read = zcrypt_rng_data_read,
  1551. .quality = 990,
  1552. };
  1553. int zcrypt_rng_device_add(void)
  1554. {
  1555. int rc = 0;
  1556. mutex_lock(&zcrypt_rng_mutex);
  1557. if (zcrypt_rng_device_count == 0) {
  1558. zcrypt_rng_buffer = (u32 *)get_zeroed_page(GFP_KERNEL);
  1559. if (!zcrypt_rng_buffer) {
  1560. rc = -ENOMEM;
  1561. goto out;
  1562. }
  1563. zcrypt_rng_buffer_index = 0;
  1564. rc = hwrng_register(&zcrypt_rng_dev);
  1565. if (rc)
  1566. goto out_free;
  1567. zcrypt_rng_device_count = 1;
  1568. } else {
  1569. zcrypt_rng_device_count++;
  1570. }
  1571. mutex_unlock(&zcrypt_rng_mutex);
  1572. return 0;
  1573. out_free:
  1574. free_page((unsigned long)zcrypt_rng_buffer);
  1575. out:
  1576. mutex_unlock(&zcrypt_rng_mutex);
  1577. return rc;
  1578. }
  1579. void zcrypt_rng_device_remove(void)
  1580. {
  1581. mutex_lock(&zcrypt_rng_mutex);
  1582. zcrypt_rng_device_count--;
  1583. if (zcrypt_rng_device_count == 0) {
  1584. hwrng_unregister(&zcrypt_rng_dev);
  1585. free_page((unsigned long)zcrypt_rng_buffer);
  1586. }
  1587. mutex_unlock(&zcrypt_rng_mutex);
  1588. }
  1589. /*
  1590. * Wait until the zcrypt api is operational.
  1591. * The AP bus scan and the binding of ap devices to device drivers is
  1592. * an asynchronous job. This function waits until these initial jobs
  1593. * are done and so the zcrypt api should be ready to serve crypto
  1594. * requests - if there are resources available. The function uses an
  1595. * internal timeout of 30s. The very first caller will either wait for
  1596. * ap bus bindings complete or the timeout happens. This state will be
  1597. * remembered for further callers which will only be blocked until a
  1598. * decision is made (timeout or bindings complete).
  1599. * On timeout -ETIME is returned, on success the return value is 0.
  1600. */
  1601. int zcrypt_wait_api_operational(void)
  1602. {
  1603. static DEFINE_MUTEX(zcrypt_wait_api_lock);
  1604. static int zcrypt_wait_api_state;
  1605. int rc;
  1606. rc = mutex_lock_interruptible(&zcrypt_wait_api_lock);
  1607. if (rc)
  1608. return rc;
  1609. switch (zcrypt_wait_api_state) {
  1610. case 0:
  1611. /* initial state, invoke wait for the ap bus complete */
  1612. rc = ap_wait_apqn_bindings_complete(
  1613. msecs_to_jiffies(ZCRYPT_WAIT_BINDINGS_COMPLETE_MS));
  1614. switch (rc) {
  1615. case 0:
  1616. /* ap bus bindings are complete */
  1617. zcrypt_wait_api_state = 1;
  1618. break;
  1619. case -EINTR:
  1620. /* interrupted, go back to caller */
  1621. break;
  1622. case -ETIME:
  1623. /* timeout */
  1624. ZCRYPT_DBF_WARN("%s ap_wait_init_apqn_bindings_complete()=ETIME\n",
  1625. __func__);
  1626. zcrypt_wait_api_state = -ETIME;
  1627. break;
  1628. default:
  1629. /* other failure */
  1630. pr_debug("ap_wait_init_apqn_bindings_complete()=%d\n", rc);
  1631. break;
  1632. }
  1633. break;
  1634. case 1:
  1635. /* a previous caller already found ap bus bindings complete */
  1636. rc = 0;
  1637. break;
  1638. default:
  1639. /* a previous caller had timeout or other failure */
  1640. rc = zcrypt_wait_api_state;
  1641. break;
  1642. }
  1643. mutex_unlock(&zcrypt_wait_api_lock);
  1644. return rc;
  1645. }
  1646. EXPORT_SYMBOL(zcrypt_wait_api_operational);
  1647. int __init zcrypt_debug_init(void)
  1648. {
  1649. zcrypt_dbf_info = debug_register("zcrypt", 2, 1,
  1650. ZCRYPT_DBF_MAX_SPRINTF_ARGS * sizeof(long));
  1651. debug_register_view(zcrypt_dbf_info, &debug_sprintf_view);
  1652. debug_set_level(zcrypt_dbf_info, DBF_ERR);
  1653. return 0;
  1654. }
  1655. void zcrypt_debug_exit(void)
  1656. {
  1657. debug_unregister(zcrypt_dbf_info);
  1658. }
  1659. static int __init zcdn_init(void)
  1660. {
  1661. int rc;
  1662. /* create a new class 'zcrypt' */
  1663. rc = class_register(&zcrypt_class);
  1664. if (rc)
  1665. goto out_class_register_failed;
  1666. /* alloc device minor range */
  1667. rc = alloc_chrdev_region(&zcrypt_devt,
  1668. 0, ZCRYPT_MAX_MINOR_NODES,
  1669. ZCRYPT_NAME);
  1670. if (rc)
  1671. goto out_alloc_chrdev_failed;
  1672. cdev_init(&zcrypt_cdev, &zcrypt_fops);
  1673. zcrypt_cdev.owner = THIS_MODULE;
  1674. rc = cdev_add(&zcrypt_cdev, zcrypt_devt, ZCRYPT_MAX_MINOR_NODES);
  1675. if (rc)
  1676. goto out_cdev_add_failed;
  1677. /* need some class specific sysfs attributes */
  1678. rc = class_create_file(&zcrypt_class, &class_attr_zcdn_create);
  1679. if (rc)
  1680. goto out_class_create_file_1_failed;
  1681. rc = class_create_file(&zcrypt_class, &class_attr_zcdn_destroy);
  1682. if (rc)
  1683. goto out_class_create_file_2_failed;
  1684. return 0;
  1685. out_class_create_file_2_failed:
  1686. class_remove_file(&zcrypt_class, &class_attr_zcdn_create);
  1687. out_class_create_file_1_failed:
  1688. cdev_del(&zcrypt_cdev);
  1689. out_cdev_add_failed:
  1690. unregister_chrdev_region(zcrypt_devt, ZCRYPT_MAX_MINOR_NODES);
  1691. out_alloc_chrdev_failed:
  1692. class_unregister(&zcrypt_class);
  1693. out_class_register_failed:
  1694. return rc;
  1695. }
  1696. static void zcdn_exit(void)
  1697. {
  1698. class_remove_file(&zcrypt_class, &class_attr_zcdn_create);
  1699. class_remove_file(&zcrypt_class, &class_attr_zcdn_destroy);
  1700. zcdn_destroy_all();
  1701. cdev_del(&zcrypt_cdev);
  1702. unregister_chrdev_region(zcrypt_devt, ZCRYPT_MAX_MINOR_NODES);
  1703. class_unregister(&zcrypt_class);
  1704. }
  1705. /*
  1706. * zcrypt_api_init(): Module initialization.
  1707. *
  1708. * The module initialization code.
  1709. */
  1710. int __init zcrypt_api_init(void)
  1711. {
  1712. int rc;
  1713. /* make sure the mempool threshold is >= 1 */
  1714. if (zcrypt_mempool_threshold < 1) {
  1715. rc = -EINVAL;
  1716. goto out;
  1717. }
  1718. rc = zcrypt_debug_init();
  1719. if (rc)
  1720. goto out;
  1721. rc = zcdn_init();
  1722. if (rc)
  1723. goto out_zcdn_init_failed;
  1724. rc = zcrypt_ccamisc_init();
  1725. if (rc)
  1726. goto out_ccamisc_init_failed;
  1727. rc = zcrypt_ep11misc_init();
  1728. if (rc)
  1729. goto out_ep11misc_init_failed;
  1730. /* Register the request sprayer. */
  1731. rc = misc_register(&zcrypt_misc_device);
  1732. if (rc < 0)
  1733. goto out_misc_register_failed;
  1734. zcrypt_msgtype6_init();
  1735. zcrypt_msgtype50_init();
  1736. return 0;
  1737. out_misc_register_failed:
  1738. zcrypt_ep11misc_exit();
  1739. out_ep11misc_init_failed:
  1740. zcrypt_ccamisc_exit();
  1741. out_ccamisc_init_failed:
  1742. zcdn_exit();
  1743. out_zcdn_init_failed:
  1744. zcrypt_debug_exit();
  1745. out:
  1746. return rc;
  1747. }
  1748. /*
  1749. * zcrypt_api_exit(): Module termination.
  1750. *
  1751. * The module termination code.
  1752. */
  1753. void __exit zcrypt_api_exit(void)
  1754. {
  1755. zcdn_exit();
  1756. misc_deregister(&zcrypt_misc_device);
  1757. zcrypt_msgtype6_exit();
  1758. zcrypt_msgtype50_exit();
  1759. zcrypt_ccamisc_exit();
  1760. zcrypt_ep11misc_exit();
  1761. zcrypt_debug_exit();
  1762. }
  1763. module_init(zcrypt_api_init);
  1764. module_exit(zcrypt_api_exit);