zcrypt_api.h 6.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204
  1. /* SPDX-License-Identifier: GPL-2.0+ */
  2. /*
  3. * Copyright IBM Corp. 2001, 2019
  4. * Author(s): Robert Burroughs
  5. * Eric Rossman (edrossma@us.ibm.com)
  6. * Cornelia Huck <cornelia.huck@de.ibm.com>
  7. *
  8. * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com)
  9. * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com>
  10. * Ralph Wuerthner <rwuerthn@de.ibm.com>
  11. * MSGTYPE restruct: Holger Dengler <hd@linux.vnet.ibm.com>
  12. */
  13. #ifndef _ZCRYPT_API_H_
  14. #define _ZCRYPT_API_H_
  15. #include <linux/atomic.h>
  16. #include <asm/debug.h>
  17. #include <asm/zcrypt.h>
  18. #include "ap_bus.h"
  19. /**
  20. * Supported device types
  21. */
  22. #define ZCRYPT_CEX2C 5
  23. #define ZCRYPT_CEX2A 6
  24. #define ZCRYPT_CEX3C 7
  25. #define ZCRYPT_CEX3A 8
  26. #define ZCRYPT_CEX4 10
  27. #define ZCRYPT_CEX5 11
  28. #define ZCRYPT_CEX6 12
  29. #define ZCRYPT_CEX7 13
  30. /**
  31. * Large random numbers are pulled in 4096 byte chunks from the crypto cards
  32. * and stored in a page. Be careful when increasing this buffer due to size
  33. * limitations for AP requests.
  34. */
  35. #define ZCRYPT_RNG_BUFFER_SIZE 4096
  36. /**
  37. * The zcrypt_wait_api_operational() function waits this
  38. * amount in milliseconds for ap_wait_aqpn_bindings_complete().
  39. * Also on a cprb send failure with ENODEV the send functions
  40. * trigger an ap bus rescan and wait this time in milliseconds
  41. * for ap_wait_aqpn_bindings_complete() before resending.
  42. */
  43. #define ZCRYPT_WAIT_BINDINGS_COMPLETE_MS 30000
  44. /*
  45. * Identifier for Crypto Request Performance Index
  46. */
  47. enum crypto_ops {
  48. MEX_1K,
  49. MEX_2K,
  50. MEX_4K,
  51. CRT_1K,
  52. CRT_2K,
  53. CRT_4K,
  54. HWRNG,
  55. SECKEY,
  56. NUM_OPS
  57. };
  58. struct zcrypt_queue;
  59. /* struct to hold tracking information for a userspace request/response */
  60. struct zcrypt_track {
  61. int again_counter; /* retry attempts counter */
  62. int last_qid; /* last qid used */
  63. int last_rc; /* last return code */
  64. };
  65. /* defines related to message tracking */
  66. #define TRACK_AGAIN_MAX 10
  67. #define TRACK_AGAIN_CARD_WEIGHT_PENALTY 1000
  68. #define TRACK_AGAIN_QUEUE_WEIGHT_PENALTY 10000
  69. /*
  70. * xflags - to be used with zcrypt_send_cprb() and
  71. * zcrypt_send_ep11_cprb() for the xflags parameter.
  72. */
  73. #define ZCRYPT_XFLAG_USERSPACE 0x0001 /* data ptrs address userspace */
  74. #define ZCRYPT_XFLAG_NOMEMALLOC 0x0002 /* do not allocate memory via kmalloc */
  75. struct zcrypt_ops {
  76. long (*rsa_modexpo)(struct zcrypt_queue *, struct ica_rsa_modexpo *,
  77. struct ap_message *);
  78. long (*rsa_modexpo_crt)(struct zcrypt_queue *,
  79. struct ica_rsa_modexpo_crt *,
  80. struct ap_message *);
  81. long (*send_cprb)(bool userspace, struct zcrypt_queue *, struct ica_xcRB *,
  82. struct ap_message *);
  83. long (*send_ep11_cprb)(bool userspace, struct zcrypt_queue *, struct ep11_urb *,
  84. struct ap_message *);
  85. long (*rng)(struct zcrypt_queue *, char *, struct ap_message *);
  86. struct list_head list; /* zcrypt ops list. */
  87. struct module *owner;
  88. int variant;
  89. char name[128];
  90. };
  91. struct zcrypt_card {
  92. struct list_head list; /* Device list. */
  93. struct list_head zqueues; /* List of zcrypt queues */
  94. struct kref refcount; /* device refcounting */
  95. struct ap_card *card; /* The "real" ap card device. */
  96. int online; /* User online/offline */
  97. int user_space_type; /* User space device id. */
  98. char *type_string; /* User space device name. */
  99. int min_mod_size; /* Min number of bits. */
  100. int max_mod_size; /* Max number of bits. */
  101. int max_exp_bit_length;
  102. const int *speed_rating; /* Speed idx of crypto ops. */
  103. atomic_t load; /* Utilization of the crypto device */
  104. int request_count; /* # current requests. */
  105. };
  106. struct zcrypt_queue {
  107. struct list_head list; /* Device list. */
  108. struct kref refcount; /* device refcounting */
  109. struct zcrypt_card *zcard;
  110. struct zcrypt_ops *ops; /* Crypto operations. */
  111. struct ap_queue *queue; /* The "real" ap queue device. */
  112. int online; /* User online/offline */
  113. atomic_t load; /* Utilization of the crypto device */
  114. int request_count; /* # current requests. */
  115. struct ap_message reply; /* Per-device reply structure. */
  116. };
  117. /* transport layer rescanning */
  118. extern atomic_t zcrypt_rescan_req;
  119. extern spinlock_t zcrypt_list_lock;
  120. extern struct list_head zcrypt_card_list;
  121. extern unsigned int zcrypt_mempool_threshold;
  122. #define for_each_zcrypt_card(_zc) \
  123. list_for_each_entry(_zc, &zcrypt_card_list, list)
  124. #define for_each_zcrypt_queue(_zq, _zc) \
  125. list_for_each_entry(_zq, &(_zc)->zqueues, list)
  126. struct zcrypt_card *zcrypt_card_alloc(void);
  127. void zcrypt_card_free(struct zcrypt_card *);
  128. void zcrypt_card_get(struct zcrypt_card *);
  129. int zcrypt_card_put(struct zcrypt_card *);
  130. int zcrypt_card_register(struct zcrypt_card *);
  131. void zcrypt_card_unregister(struct zcrypt_card *);
  132. struct zcrypt_queue *zcrypt_queue_alloc(size_t);
  133. void zcrypt_queue_free(struct zcrypt_queue *);
  134. void zcrypt_queue_get(struct zcrypt_queue *);
  135. int zcrypt_queue_put(struct zcrypt_queue *);
  136. int zcrypt_queue_register(struct zcrypt_queue *);
  137. void zcrypt_queue_unregister(struct zcrypt_queue *);
  138. bool zcrypt_queue_force_online(struct zcrypt_queue *zq, int online);
  139. int zcrypt_rng_device_add(void);
  140. void zcrypt_rng_device_remove(void);
  141. void zcrypt_msgtype_register(struct zcrypt_ops *);
  142. void zcrypt_msgtype_unregister(struct zcrypt_ops *);
  143. struct zcrypt_ops *zcrypt_msgtype(unsigned char *, int);
  144. int zcrypt_api_init(void);
  145. void zcrypt_api_exit(void);
  146. long zcrypt_send_cprb(struct ica_xcRB *xcRB, u32 xflags);
  147. long zcrypt_send_ep11_cprb(struct ep11_urb *urb, u32 xflags);
  148. void zcrypt_device_status_mask_ext(struct zcrypt_device_status_ext *devstatus,
  149. int maxcard, int maxqueue);
  150. int zcrypt_device_status_ext(int card, int queue,
  151. struct zcrypt_device_status_ext *devstatus);
  152. int zcrypt_wait_api_operational(void);
  153. static inline unsigned long z_copy_from_user(bool userspace,
  154. void *to,
  155. const void __user *from,
  156. unsigned long n)
  157. {
  158. if (likely(userspace))
  159. return copy_from_user(to, from, n);
  160. memcpy(to, (void __force *)from, n);
  161. return 0;
  162. }
  163. static inline unsigned long z_copy_to_user(bool userspace,
  164. void __user *to,
  165. const void *from,
  166. unsigned long n)
  167. {
  168. if (likely(userspace))
  169. return copy_to_user(to, from, n);
  170. memcpy((void __force *)to, from, n);
  171. return 0;
  172. }
  173. #endif /* _ZCRYPT_API_H_ */