1 // SPDX-License-Identifier: GPL-2.0+
3 * Copyright IBM Corp. 2001, 2018
4 * Author(s): Robert Burroughs
5 * Eric Rossman (edrossma@us.ibm.com)
6 * Cornelia Huck <cornelia.huck@de.ibm.com>
8 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com)
9 * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com>
10 * Ralph Wuerthner <rwuerthn@de.ibm.com>
11 * MSGTYPE restruct: Holger Dengler <hd@linux.vnet.ibm.com>
12 * Multiple device nodes: Harald Freudenberger <freude@linux.ibm.com>
15 #include <linux/module.h>
16 #include <linux/init.h>
17 #include <linux/interrupt.h>
18 #include <linux/miscdevice.h>
20 #include <linux/compat.h>
21 #include <linux/slab.h>
22 #include <linux/atomic.h>
23 #include <linux/uaccess.h>
24 #include <linux/hw_random.h>
25 #include <linux/debugfs.h>
26 #include <linux/cdev.h>
27 #include <linux/ctype.h>
28 #include <asm/debug.h>
30 #define CREATE_TRACE_POINTS
31 #include <asm/trace/zcrypt.h>
33 #include "zcrypt_api.h"
34 #include "zcrypt_debug.h"
36 #include "zcrypt_msgtype6.h"
37 #include "zcrypt_msgtype50.h"
42 MODULE_AUTHOR("IBM Corporation");
43 MODULE_DESCRIPTION("Cryptographic Coprocessor interface, " \
44 "Copyright IBM Corp. 2001, 2012");
45 MODULE_LICENSE("GPL");
48 * zcrypt tracepoint functions
50 EXPORT_TRACEPOINT_SYMBOL(s390_zcrypt_req);
51 EXPORT_TRACEPOINT_SYMBOL(s390_zcrypt_rep);
53 static int zcrypt_hwrng_seed = 1;
54 module_param_named(hwrng_seed, zcrypt_hwrng_seed, int, 0440);
55 MODULE_PARM_DESC(hwrng_seed, "Turn on/off hwrng auto seed, default is 1 (on).");
57 DEFINE_SPINLOCK(zcrypt_list_lock);
58 LIST_HEAD(zcrypt_card_list);
59 int zcrypt_device_count;
61 static atomic_t zcrypt_open_count = ATOMIC_INIT(0);
62 static atomic_t zcrypt_rescan_count = ATOMIC_INIT(0);
64 atomic_t zcrypt_rescan_req = ATOMIC_INIT(0);
65 EXPORT_SYMBOL(zcrypt_rescan_req);
67 static LIST_HEAD(zcrypt_ops_list);
69 /* Zcrypt related debug feature stuff. */
70 debug_info_t *zcrypt_dbf_info;
73 * Process a rescan of the transport layer.
75 * Returns 1, if the rescan has been processed, otherwise 0.
77 static inline int zcrypt_process_rescan(void)
79 if (atomic_read(&zcrypt_rescan_req)) {
80 atomic_set(&zcrypt_rescan_req, 0);
81 atomic_inc(&zcrypt_rescan_count);
82 ap_bus_force_rescan();
83 ZCRYPT_DBF(DBF_INFO, "rescan count=%07d\n",
84 atomic_inc_return(&zcrypt_rescan_count));
90 void zcrypt_msgtype_register(struct zcrypt_ops *zops)
92 list_add_tail(&zops->list, &zcrypt_ops_list);
95 void zcrypt_msgtype_unregister(struct zcrypt_ops *zops)
97 list_del_init(&zops->list);
100 struct zcrypt_ops *zcrypt_msgtype(unsigned char *name, int variant)
102 struct zcrypt_ops *zops;
104 list_for_each_entry(zops, &zcrypt_ops_list, list)
105 if ((zops->variant == variant) &&
106 (!strncmp(zops->name, name, sizeof(zops->name))))
110 EXPORT_SYMBOL(zcrypt_msgtype);
113 * Multi device nodes extension functions.
116 #ifdef CONFIG_ZCRYPT_MULTIDEVNODES
120 static struct class *zcrypt_class;
121 static dev_t zcrypt_devt;
122 static struct cdev zcrypt_cdev;
125 struct device device;
126 struct ap_perms perms;
129 #define to_zcdn_dev(x) container_of((x), struct zcdn_device, device)
131 #define ZCDN_MAX_NAME 32
133 static int zcdn_create(const char *name);
134 static int zcdn_destroy(const char *name);
136 /* helper function, matches the devt value for find_zcdndev_by_devt() */
137 static int __match_zcdn_devt(struct device *dev, const void *data)
139 return dev->devt == *((dev_t *) data);
143 * Find zcdn device by name.
144 * Returns reference to the zcdn device which needs to be released
145 * with put_device() after use.
147 static inline struct zcdn_device *find_zcdndev_by_name(const char *name)
149 struct device *dev = class_find_device_by_name(zcrypt_class, name);
151 return dev ? to_zcdn_dev(dev) : NULL;
155 * Find zcdn device by devt value.
156 * Returns reference to the zcdn device which needs to be released
157 * with put_device() after use.
159 static inline struct zcdn_device *find_zcdndev_by_devt(dev_t devt)
162 class_find_device(zcrypt_class, NULL,
166 return dev ? to_zcdn_dev(dev) : NULL;
169 static ssize_t ioctlmask_show(struct device *dev,
170 struct device_attribute *attr,
174 struct zcdn_device *zcdndev = to_zcdn_dev(dev);
176 if (mutex_lock_interruptible(&ap_perms_mutex))
181 for (i = 0; i < sizeof(zcdndev->perms.ioctlm) / sizeof(long); i++)
182 snprintf(buf + 2 + 2 * i * sizeof(long),
183 PAGE_SIZE - 2 - 2 * i * sizeof(long),
184 "%016lx", zcdndev->perms.ioctlm[i]);
185 buf[2 + 2 * i * sizeof(long)] = '\n';
186 buf[2 + 2 * i * sizeof(long) + 1] = '\0';
187 rc = 2 + 2 * i * sizeof(long) + 1;
189 mutex_unlock(&ap_perms_mutex);
194 static ssize_t ioctlmask_store(struct device *dev,
195 struct device_attribute *attr,
196 const char *buf, size_t count)
199 struct zcdn_device *zcdndev = to_zcdn_dev(dev);
201 rc = ap_parse_mask_str(buf, zcdndev->perms.ioctlm,
202 AP_IOCTLS, &ap_perms_mutex);
209 static DEVICE_ATTR_RW(ioctlmask);
211 static ssize_t apmask_show(struct device *dev,
212 struct device_attribute *attr,
216 struct zcdn_device *zcdndev = to_zcdn_dev(dev);
218 if (mutex_lock_interruptible(&ap_perms_mutex))
223 for (i = 0; i < sizeof(zcdndev->perms.apm) / sizeof(long); i++)
224 snprintf(buf + 2 + 2 * i * sizeof(long),
225 PAGE_SIZE - 2 - 2 * i * sizeof(long),
226 "%016lx", zcdndev->perms.apm[i]);
227 buf[2 + 2 * i * sizeof(long)] = '\n';
228 buf[2 + 2 * i * sizeof(long) + 1] = '\0';
229 rc = 2 + 2 * i * sizeof(long) + 1;
231 mutex_unlock(&ap_perms_mutex);
236 static ssize_t apmask_store(struct device *dev,
237 struct device_attribute *attr,
238 const char *buf, size_t count)
241 struct zcdn_device *zcdndev = to_zcdn_dev(dev);
243 rc = ap_parse_mask_str(buf, zcdndev->perms.apm,
244 AP_DEVICES, &ap_perms_mutex);
251 static DEVICE_ATTR_RW(apmask);
253 static ssize_t aqmask_show(struct device *dev,
254 struct device_attribute *attr,
258 struct zcdn_device *zcdndev = to_zcdn_dev(dev);
260 if (mutex_lock_interruptible(&ap_perms_mutex))
265 for (i = 0; i < sizeof(zcdndev->perms.aqm) / sizeof(long); i++)
266 snprintf(buf + 2 + 2 * i * sizeof(long),
267 PAGE_SIZE - 2 - 2 * i * sizeof(long),
268 "%016lx", zcdndev->perms.aqm[i]);
269 buf[2 + 2 * i * sizeof(long)] = '\n';
270 buf[2 + 2 * i * sizeof(long) + 1] = '\0';
271 rc = 2 + 2 * i * sizeof(long) + 1;
273 mutex_unlock(&ap_perms_mutex);
278 static ssize_t aqmask_store(struct device *dev,
279 struct device_attribute *attr,
280 const char *buf, size_t count)
283 struct zcdn_device *zcdndev = to_zcdn_dev(dev);
285 rc = ap_parse_mask_str(buf, zcdndev->perms.aqm,
286 AP_DOMAINS, &ap_perms_mutex);
293 static DEVICE_ATTR_RW(aqmask);
295 static struct attribute *zcdn_dev_attrs[] = {
296 &dev_attr_ioctlmask.attr,
297 &dev_attr_apmask.attr,
298 &dev_attr_aqmask.attr,
302 static struct attribute_group zcdn_dev_attr_group = {
303 .attrs = zcdn_dev_attrs
306 static const struct attribute_group *zcdn_dev_attr_groups[] = {
307 &zcdn_dev_attr_group,
311 static ssize_t zcdn_create_store(struct class *class,
312 struct class_attribute *attr,
313 const char *buf, size_t count)
316 char name[ZCDN_MAX_NAME];
318 strncpy(name, skip_spaces(buf), sizeof(name));
319 name[sizeof(name) - 1] = '\0';
321 rc = zcdn_create(strim(name));
323 return rc ? rc : count;
326 static const struct class_attribute class_attr_zcdn_create =
327 __ATTR(create, 0600, NULL, zcdn_create_store);
329 static ssize_t zcdn_destroy_store(struct class *class,
330 struct class_attribute *attr,
331 const char *buf, size_t count)
334 char name[ZCDN_MAX_NAME];
336 strncpy(name, skip_spaces(buf), sizeof(name));
337 name[sizeof(name) - 1] = '\0';
339 rc = zcdn_destroy(strim(name));
341 return rc ? rc : count;
344 static const struct class_attribute class_attr_zcdn_destroy =
345 __ATTR(destroy, 0600, NULL, zcdn_destroy_store);
347 static void zcdn_device_release(struct device *dev)
349 struct zcdn_device *zcdndev = to_zcdn_dev(dev);
351 ZCRYPT_DBF(DBF_INFO, "releasing zcdn device %d:%d\n",
352 MAJOR(dev->devt), MINOR(dev->devt));
357 static int zcdn_create(const char *name)
361 char nodename[ZCDN_MAX_NAME];
362 struct zcdn_device *zcdndev;
364 if (mutex_lock_interruptible(&ap_perms_mutex))
367 /* check if device node with this name already exists */
369 zcdndev = find_zcdndev_by_name(name);
371 put_device(&zcdndev->device);
377 /* find an unused minor number */
378 for (i = 0; i < ZCRYPT_MAX_MINOR_NODES; i++) {
379 devt = MKDEV(MAJOR(zcrypt_devt), MINOR(zcrypt_devt) + i);
380 zcdndev = find_zcdndev_by_devt(devt);
382 put_device(&zcdndev->device);
386 if (i == ZCRYPT_MAX_MINOR_NODES) {
391 /* alloc and prepare a new zcdn device */
392 zcdndev = kzalloc(sizeof(*zcdndev), GFP_KERNEL);
397 zcdndev->device.release = zcdn_device_release;
398 zcdndev->device.class = zcrypt_class;
399 zcdndev->device.devt = devt;
400 zcdndev->device.groups = zcdn_dev_attr_groups;
402 strncpy(nodename, name, sizeof(nodename));
404 snprintf(nodename, sizeof(nodename),
405 ZCRYPT_NAME "_%d", (int) MINOR(devt));
406 nodename[sizeof(nodename)-1] = '\0';
407 if (dev_set_name(&zcdndev->device, nodename)) {
411 rc = device_register(&zcdndev->device);
413 put_device(&zcdndev->device);
417 ZCRYPT_DBF(DBF_INFO, "created zcdn device %d:%d\n",
418 MAJOR(devt), MINOR(devt));
421 mutex_unlock(&ap_perms_mutex);
425 static int zcdn_destroy(const char *name)
428 struct zcdn_device *zcdndev;
430 if (mutex_lock_interruptible(&ap_perms_mutex))
433 /* try to find this zcdn device */
434 zcdndev = find_zcdndev_by_name(name);
441 * The zcdn device is not hard destroyed. It is subject to
442 * reference counting and thus just needs to be unregistered.
444 put_device(&zcdndev->device);
445 device_unregister(&zcdndev->device);
448 mutex_unlock(&ap_perms_mutex);
452 static void zcdn_destroy_all(void)
456 struct zcdn_device *zcdndev;
458 mutex_lock(&ap_perms_mutex);
459 for (i = 0; i < ZCRYPT_MAX_MINOR_NODES; i++) {
460 devt = MKDEV(MAJOR(zcrypt_devt), MINOR(zcrypt_devt) + i);
461 zcdndev = find_zcdndev_by_devt(devt);
463 put_device(&zcdndev->device);
464 device_unregister(&zcdndev->device);
467 mutex_unlock(&ap_perms_mutex);
473 * zcrypt_read (): Not supported beyond zcrypt 1.3.1.
475 * This function is not supported beyond zcrypt 1.3.1.
477 static ssize_t zcrypt_read(struct file *filp, char __user *buf,
478 size_t count, loff_t *f_pos)
484 * zcrypt_write(): Not allowed.
486 * Write is is not allowed
488 static ssize_t zcrypt_write(struct file *filp, const char __user *buf,
489 size_t count, loff_t *f_pos)
495 * zcrypt_open(): Count number of users.
497 * Device open function to count number of users.
499 static int zcrypt_open(struct inode *inode, struct file *filp)
501 struct ap_perms *perms = &ap_perms;
503 #ifdef CONFIG_ZCRYPT_MULTIDEVNODES
504 if (filp->f_inode->i_cdev == &zcrypt_cdev) {
505 struct zcdn_device *zcdndev;
507 if (mutex_lock_interruptible(&ap_perms_mutex))
509 zcdndev = find_zcdndev_by_devt(filp->f_inode->i_rdev);
510 /* find returns a reference, no get_device() needed */
511 mutex_unlock(&ap_perms_mutex);
513 perms = &zcdndev->perms;
516 filp->private_data = (void *) perms;
518 atomic_inc(&zcrypt_open_count);
519 return stream_open(inode, filp);
523 * zcrypt_release(): Count number of users.
525 * Device close function to count number of users.
527 static int zcrypt_release(struct inode *inode, struct file *filp)
529 #ifdef CONFIG_ZCRYPT_MULTIDEVNODES
530 if (filp->f_inode->i_cdev == &zcrypt_cdev) {
531 struct zcdn_device *zcdndev;
533 if (mutex_lock_interruptible(&ap_perms_mutex))
535 zcdndev = find_zcdndev_by_devt(filp->f_inode->i_rdev);
536 mutex_unlock(&ap_perms_mutex);
538 /* 2 puts here: one for find, one for open */
539 put_device(&zcdndev->device);
540 put_device(&zcdndev->device);
545 atomic_dec(&zcrypt_open_count);
549 static inline int zcrypt_check_ioctl(struct ap_perms *perms,
553 int ioctlnr = (cmd & _IOC_NRMASK) >> _IOC_NRSHIFT;
555 if (ioctlnr > 0 && ioctlnr < AP_IOCTLS) {
556 if (test_bit_inv(ioctlnr, perms->ioctlm))
562 "ioctl check failed: ioctlnr=0x%04x rc=%d\n",
568 static inline bool zcrypt_check_card(struct ap_perms *perms, int card)
570 return test_bit_inv(card, perms->apm) ? true : false;
573 static inline bool zcrypt_check_queue(struct ap_perms *perms, int queue)
575 return test_bit_inv(queue, perms->aqm) ? true : false;
578 static inline struct zcrypt_queue *zcrypt_pick_queue(struct zcrypt_card *zc,
579 struct zcrypt_queue *zq,
580 struct module **pmod,
583 if (!zq || !try_module_get(zq->queue->ap_dev.drv->driver.owner))
585 zcrypt_queue_get(zq);
586 get_device(&zq->queue->ap_dev.device);
587 atomic_add(weight, &zc->load);
588 atomic_add(weight, &zq->load);
590 *pmod = zq->queue->ap_dev.drv->driver.owner;
594 static inline void zcrypt_drop_queue(struct zcrypt_card *zc,
595 struct zcrypt_queue *zq,
600 atomic_sub(weight, &zc->load);
601 atomic_sub(weight, &zq->load);
602 put_device(&zq->queue->ap_dev.device);
603 zcrypt_queue_put(zq);
607 static inline bool zcrypt_card_compare(struct zcrypt_card *zc,
608 struct zcrypt_card *pref_zc,
610 unsigned int pref_weight)
614 weight += atomic_read(&zc->load);
615 pref_weight += atomic_read(&pref_zc->load);
616 if (weight == pref_weight)
617 return atomic_read(&zc->card->total_request_count) >
618 atomic_read(&pref_zc->card->total_request_count);
619 return weight > pref_weight;
622 static inline bool zcrypt_queue_compare(struct zcrypt_queue *zq,
623 struct zcrypt_queue *pref_zq,
625 unsigned int pref_weight)
629 weight += atomic_read(&zq->load);
630 pref_weight += atomic_read(&pref_zq->load);
631 if (weight == pref_weight)
632 return zq->queue->total_request_count >
633 pref_zq->queue->total_request_count;
634 return weight > pref_weight;
640 static long zcrypt_rsa_modexpo(struct ap_perms *perms,
641 struct ica_rsa_modexpo *mex)
643 struct zcrypt_card *zc, *pref_zc;
644 struct zcrypt_queue *zq, *pref_zq;
645 unsigned int weight, pref_weight;
646 unsigned int func_code;
647 int qid = 0, rc = -ENODEV;
650 trace_s390_zcrypt_req(mex, TP_ICARSAMODEXPO);
652 if (mex->outputdatalength < mex->inputdatalength) {
659 * As long as outputdatalength is big enough, we can set the
660 * outputdatalength equal to the inputdatalength, since that is the
661 * number of bytes we will copy in any case
663 mex->outputdatalength = mex->inputdatalength;
665 rc = get_rsa_modex_fc(mex, &func_code);
671 spin_lock(&zcrypt_list_lock);
672 for_each_zcrypt_card(zc) {
673 /* Check for online accelarator and CCA cards */
674 if (!zc->online || !(zc->card->functions & 0x18000000))
676 /* Check for size limits */
677 if (zc->min_mod_size > mex->inputdatalength ||
678 zc->max_mod_size < mex->inputdatalength)
680 /* check if device node has admission for this card */
681 if (!zcrypt_check_card(perms, zc->card->id))
683 /* get weight index of the card device */
684 weight = zc->speed_rating[func_code];
685 if (zcrypt_card_compare(zc, pref_zc, weight, pref_weight))
687 for_each_zcrypt_queue(zq, zc) {
688 /* check if device is online and eligible */
689 if (!zq->online || !zq->ops->rsa_modexpo)
691 /* check if device node has admission for this queue */
692 if (!zcrypt_check_queue(perms,
693 AP_QID_QUEUE(zq->queue->qid)))
695 if (zcrypt_queue_compare(zq, pref_zq,
696 weight, pref_weight))
700 pref_weight = weight;
703 pref_zq = zcrypt_pick_queue(pref_zc, pref_zq, &mod, weight);
704 spin_unlock(&zcrypt_list_lock);
711 qid = pref_zq->queue->qid;
712 rc = pref_zq->ops->rsa_modexpo(pref_zq, mex);
714 spin_lock(&zcrypt_list_lock);
715 zcrypt_drop_queue(pref_zc, pref_zq, mod, weight);
716 spin_unlock(&zcrypt_list_lock);
719 trace_s390_zcrypt_rep(mex, func_code, rc,
720 AP_QID_CARD(qid), AP_QID_QUEUE(qid));
724 static long zcrypt_rsa_crt(struct ap_perms *perms,
725 struct ica_rsa_modexpo_crt *crt)
727 struct zcrypt_card *zc, *pref_zc;
728 struct zcrypt_queue *zq, *pref_zq;
729 unsigned int weight, pref_weight;
730 unsigned int func_code;
731 int qid = 0, rc = -ENODEV;
734 trace_s390_zcrypt_req(crt, TP_ICARSACRT);
736 if (crt->outputdatalength < crt->inputdatalength) {
743 * As long as outputdatalength is big enough, we can set the
744 * outputdatalength equal to the inputdatalength, since that is the
745 * number of bytes we will copy in any case
747 crt->outputdatalength = crt->inputdatalength;
749 rc = get_rsa_crt_fc(crt, &func_code);
755 spin_lock(&zcrypt_list_lock);
756 for_each_zcrypt_card(zc) {
757 /* Check for online accelarator and CCA cards */
758 if (!zc->online || !(zc->card->functions & 0x18000000))
760 /* Check for size limits */
761 if (zc->min_mod_size > crt->inputdatalength ||
762 zc->max_mod_size < crt->inputdatalength)
764 /* check if device node has admission for this card */
765 if (!zcrypt_check_card(perms, zc->card->id))
767 /* get weight index of the card device */
768 weight = zc->speed_rating[func_code];
769 if (zcrypt_card_compare(zc, pref_zc, weight, pref_weight))
771 for_each_zcrypt_queue(zq, zc) {
772 /* check if device is online and eligible */
773 if (!zq->online || !zq->ops->rsa_modexpo_crt)
775 /* check if device node has admission for this queue */
776 if (!zcrypt_check_queue(perms,
777 AP_QID_QUEUE(zq->queue->qid)))
779 if (zcrypt_queue_compare(zq, pref_zq,
780 weight, pref_weight))
784 pref_weight = weight;
787 pref_zq = zcrypt_pick_queue(pref_zc, pref_zq, &mod, weight);
788 spin_unlock(&zcrypt_list_lock);
795 qid = pref_zq->queue->qid;
796 rc = pref_zq->ops->rsa_modexpo_crt(pref_zq, crt);
798 spin_lock(&zcrypt_list_lock);
799 zcrypt_drop_queue(pref_zc, pref_zq, mod, weight);
800 spin_unlock(&zcrypt_list_lock);
803 trace_s390_zcrypt_rep(crt, func_code, rc,
804 AP_QID_CARD(qid), AP_QID_QUEUE(qid));
808 static long _zcrypt_send_cprb(struct ap_perms *perms,
809 struct ica_xcRB *xcRB)
811 struct zcrypt_card *zc, *pref_zc;
812 struct zcrypt_queue *zq, *pref_zq;
813 struct ap_message ap_msg;
814 unsigned int weight, pref_weight;
815 unsigned int func_code;
816 unsigned short *domain, tdom;
817 int qid = 0, rc = -ENODEV;
820 trace_s390_zcrypt_req(xcRB, TB_ZSECSENDCPRB);
823 ap_init_message(&ap_msg);
824 rc = get_cprb_fc(xcRB, &ap_msg, &func_code, &domain);
829 * If a valid target domain is set and this domain is NOT a usage
830 * domain but a control only domain, use the default domain as target.
833 if (tdom >= 0 && tdom < AP_DOMAINS &&
834 !ap_test_config_usage_domain(tdom) &&
835 ap_test_config_ctrl_domain(tdom) &&
836 ap_domain_index >= 0)
837 tdom = ap_domain_index;
841 spin_lock(&zcrypt_list_lock);
842 for_each_zcrypt_card(zc) {
843 /* Check for online CCA cards */
844 if (!zc->online || !(zc->card->functions & 0x10000000))
846 /* Check for user selected CCA card */
847 if (xcRB->user_defined != AUTOSELECT &&
848 xcRB->user_defined != zc->card->id)
850 /* check if device node has admission for this card */
851 if (!zcrypt_check_card(perms, zc->card->id))
853 /* get weight index of the card device */
854 weight = speed_idx_cca(func_code) * zc->speed_rating[SECKEY];
855 if (zcrypt_card_compare(zc, pref_zc, weight, pref_weight))
857 for_each_zcrypt_queue(zq, zc) {
858 /* check if device is online and eligible */
860 !zq->ops->send_cprb ||
861 (tdom != (unsigned short) AUTOSELECT &&
862 tdom != AP_QID_QUEUE(zq->queue->qid)))
864 /* check if device node has admission for this queue */
865 if (!zcrypt_check_queue(perms,
866 AP_QID_QUEUE(zq->queue->qid)))
868 if (zcrypt_queue_compare(zq, pref_zq,
869 weight, pref_weight))
873 pref_weight = weight;
876 pref_zq = zcrypt_pick_queue(pref_zc, pref_zq, &mod, weight);
877 spin_unlock(&zcrypt_list_lock);
884 /* in case of auto select, provide the correct domain */
885 qid = pref_zq->queue->qid;
886 if (*domain == (unsigned short) AUTOSELECT)
887 *domain = AP_QID_QUEUE(qid);
889 rc = pref_zq->ops->send_cprb(pref_zq, xcRB, &ap_msg);
891 spin_lock(&zcrypt_list_lock);
892 zcrypt_drop_queue(pref_zc, pref_zq, mod, weight);
893 spin_unlock(&zcrypt_list_lock);
896 ap_release_message(&ap_msg);
897 trace_s390_zcrypt_rep(xcRB, func_code, rc,
898 AP_QID_CARD(qid), AP_QID_QUEUE(qid));
902 long zcrypt_send_cprb(struct ica_xcRB *xcRB)
904 return _zcrypt_send_cprb(&ap_perms, xcRB);
906 EXPORT_SYMBOL(zcrypt_send_cprb);
908 static bool is_desired_ep11_card(unsigned int dev_id,
909 unsigned short target_num,
910 struct ep11_target_dev *targets)
912 while (target_num-- > 0) {
913 if (dev_id == targets->ap_id)
920 static bool is_desired_ep11_queue(unsigned int dev_qid,
921 unsigned short target_num,
922 struct ep11_target_dev *targets)
924 while (target_num-- > 0) {
925 if (AP_MKQID(targets->ap_id, targets->dom_id) == dev_qid)
932 static long zcrypt_send_ep11_cprb(struct ap_perms *perms,
933 struct ep11_urb *xcrb)
935 struct zcrypt_card *zc, *pref_zc;
936 struct zcrypt_queue *zq, *pref_zq;
937 struct ep11_target_dev *targets;
938 unsigned short target_num;
939 unsigned int weight, pref_weight;
940 unsigned int func_code;
941 struct ap_message ap_msg;
942 int qid = 0, rc = -ENODEV;
945 trace_s390_zcrypt_req(xcrb, TP_ZSENDEP11CPRB);
947 ap_init_message(&ap_msg);
949 target_num = (unsigned short) xcrb->targets_num;
951 /* empty list indicates autoselect (all available targets) */
953 if (target_num != 0) {
954 struct ep11_target_dev __user *uptr;
956 targets = kcalloc(target_num, sizeof(*targets), GFP_KERNEL);
963 uptr = (struct ep11_target_dev __force __user *) xcrb->targets;
964 if (copy_from_user(targets, uptr,
965 target_num * sizeof(*targets))) {
972 rc = get_ep11cprb_fc(xcrb, &ap_msg, &func_code);
978 spin_lock(&zcrypt_list_lock);
979 for_each_zcrypt_card(zc) {
980 /* Check for online EP11 cards */
981 if (!zc->online || !(zc->card->functions & 0x04000000))
983 /* Check for user selected EP11 card */
985 !is_desired_ep11_card(zc->card->id, target_num, targets))
987 /* check if device node has admission for this card */
988 if (!zcrypt_check_card(perms, zc->card->id))
990 /* get weight index of the card device */
991 weight = speed_idx_ep11(func_code) * zc->speed_rating[SECKEY];
992 if (zcrypt_card_compare(zc, pref_zc, weight, pref_weight))
994 for_each_zcrypt_queue(zq, zc) {
995 /* check if device is online and eligible */
997 !zq->ops->send_ep11_cprb ||
999 !is_desired_ep11_queue(zq->queue->qid,
1000 target_num, targets)))
1002 /* check if device node has admission for this queue */
1003 if (!zcrypt_check_queue(perms,
1004 AP_QID_QUEUE(zq->queue->qid)))
1006 if (zcrypt_queue_compare(zq, pref_zq,
1007 weight, pref_weight))
1011 pref_weight = weight;
1014 pref_zq = zcrypt_pick_queue(pref_zc, pref_zq, &mod, weight);
1015 spin_unlock(&zcrypt_list_lock);
1022 qid = pref_zq->queue->qid;
1023 rc = pref_zq->ops->send_ep11_cprb(pref_zq, xcrb, &ap_msg);
1025 spin_lock(&zcrypt_list_lock);
1026 zcrypt_drop_queue(pref_zc, pref_zq, mod, weight);
1027 spin_unlock(&zcrypt_list_lock);
1032 ap_release_message(&ap_msg);
1033 trace_s390_zcrypt_rep(xcrb, func_code, rc,
1034 AP_QID_CARD(qid), AP_QID_QUEUE(qid));
1038 static long zcrypt_rng(char *buffer)
1040 struct zcrypt_card *zc, *pref_zc;
1041 struct zcrypt_queue *zq, *pref_zq;
1042 unsigned int weight, pref_weight;
1043 unsigned int func_code;
1044 struct ap_message ap_msg;
1045 unsigned int domain;
1046 int qid = 0, rc = -ENODEV;
1049 trace_s390_zcrypt_req(buffer, TP_HWRNGCPRB);
1051 ap_init_message(&ap_msg);
1052 rc = get_rng_fc(&ap_msg, &func_code, &domain);
1058 spin_lock(&zcrypt_list_lock);
1059 for_each_zcrypt_card(zc) {
1060 /* Check for online CCA cards */
1061 if (!zc->online || !(zc->card->functions & 0x10000000))
1063 /* get weight index of the card device */
1064 weight = zc->speed_rating[func_code];
1065 if (zcrypt_card_compare(zc, pref_zc, weight, pref_weight))
1067 for_each_zcrypt_queue(zq, zc) {
1068 /* check if device is online and eligible */
1069 if (!zq->online || !zq->ops->rng)
1071 if (zcrypt_queue_compare(zq, pref_zq,
1072 weight, pref_weight))
1076 pref_weight = weight;
1079 pref_zq = zcrypt_pick_queue(pref_zc, pref_zq, &mod, weight);
1080 spin_unlock(&zcrypt_list_lock);
1087 qid = pref_zq->queue->qid;
1088 rc = pref_zq->ops->rng(pref_zq, buffer, &ap_msg);
1090 spin_lock(&zcrypt_list_lock);
1091 zcrypt_drop_queue(pref_zc, pref_zq, mod, weight);
1092 spin_unlock(&zcrypt_list_lock);
1095 ap_release_message(&ap_msg);
1096 trace_s390_zcrypt_rep(buffer, func_code, rc,
1097 AP_QID_CARD(qid), AP_QID_QUEUE(qid));
1101 static void zcrypt_device_status_mask(struct zcrypt_device_status *devstatus)
1103 struct zcrypt_card *zc;
1104 struct zcrypt_queue *zq;
1105 struct zcrypt_device_status *stat;
1108 memset(devstatus, 0, MAX_ZDEV_ENTRIES
1109 * sizeof(struct zcrypt_device_status));
1111 spin_lock(&zcrypt_list_lock);
1112 for_each_zcrypt_card(zc) {
1113 for_each_zcrypt_queue(zq, zc) {
1114 card = AP_QID_CARD(zq->queue->qid);
1115 if (card >= MAX_ZDEV_CARDIDS)
1117 queue = AP_QID_QUEUE(zq->queue->qid);
1118 stat = &devstatus[card * AP_DOMAINS + queue];
1119 stat->hwtype = zc->card->ap_dev.device_type;
1120 stat->functions = zc->card->functions >> 26;
1121 stat->qid = zq->queue->qid;
1122 stat->online = zq->online ? 0x01 : 0x00;
1125 spin_unlock(&zcrypt_list_lock);
1128 void zcrypt_device_status_mask_ext(struct zcrypt_device_status_ext *devstatus)
1130 struct zcrypt_card *zc;
1131 struct zcrypt_queue *zq;
1132 struct zcrypt_device_status_ext *stat;
1135 memset(devstatus, 0, MAX_ZDEV_ENTRIES_EXT
1136 * sizeof(struct zcrypt_device_status_ext));
1138 spin_lock(&zcrypt_list_lock);
1139 for_each_zcrypt_card(zc) {
1140 for_each_zcrypt_queue(zq, zc) {
1141 card = AP_QID_CARD(zq->queue->qid);
1142 queue = AP_QID_QUEUE(zq->queue->qid);
1143 stat = &devstatus[card * AP_DOMAINS + queue];
1144 stat->hwtype = zc->card->ap_dev.device_type;
1145 stat->functions = zc->card->functions >> 26;
1146 stat->qid = zq->queue->qid;
1147 stat->online = zq->online ? 0x01 : 0x00;
1150 spin_unlock(&zcrypt_list_lock);
1152 EXPORT_SYMBOL(zcrypt_device_status_mask_ext);
1154 static void zcrypt_status_mask(char status[], size_t max_adapters)
1156 struct zcrypt_card *zc;
1157 struct zcrypt_queue *zq;
1160 memset(status, 0, max_adapters);
1161 spin_lock(&zcrypt_list_lock);
1162 for_each_zcrypt_card(zc) {
1163 for_each_zcrypt_queue(zq, zc) {
1164 card = AP_QID_CARD(zq->queue->qid);
1165 if (AP_QID_QUEUE(zq->queue->qid) != ap_domain_index
1166 || card >= max_adapters)
1168 status[card] = zc->online ? zc->user_space_type : 0x0d;
1171 spin_unlock(&zcrypt_list_lock);
1174 static void zcrypt_qdepth_mask(char qdepth[], size_t max_adapters)
1176 struct zcrypt_card *zc;
1177 struct zcrypt_queue *zq;
1180 memset(qdepth, 0, max_adapters);
1181 spin_lock(&zcrypt_list_lock);
1183 for_each_zcrypt_card(zc) {
1184 for_each_zcrypt_queue(zq, zc) {
1185 card = AP_QID_CARD(zq->queue->qid);
1186 if (AP_QID_QUEUE(zq->queue->qid) != ap_domain_index
1187 || card >= max_adapters)
1189 spin_lock(&zq->queue->lock);
1191 zq->queue->pendingq_count +
1192 zq->queue->requestq_count;
1193 spin_unlock(&zq->queue->lock);
1197 spin_unlock(&zcrypt_list_lock);
1200 static void zcrypt_perdev_reqcnt(int reqcnt[], size_t max_adapters)
1202 struct zcrypt_card *zc;
1203 struct zcrypt_queue *zq;
1206 memset(reqcnt, 0, sizeof(int) * max_adapters);
1207 spin_lock(&zcrypt_list_lock);
1209 for_each_zcrypt_card(zc) {
1210 for_each_zcrypt_queue(zq, zc) {
1211 card = AP_QID_CARD(zq->queue->qid);
1212 if (AP_QID_QUEUE(zq->queue->qid) != ap_domain_index
1213 || card >= max_adapters)
1215 spin_lock(&zq->queue->lock);
1216 reqcnt[card] = zq->queue->total_request_count;
1217 spin_unlock(&zq->queue->lock);
1221 spin_unlock(&zcrypt_list_lock);
1224 static int zcrypt_pendingq_count(void)
1226 struct zcrypt_card *zc;
1227 struct zcrypt_queue *zq;
1231 spin_lock(&zcrypt_list_lock);
1233 for_each_zcrypt_card(zc) {
1234 for_each_zcrypt_queue(zq, zc) {
1235 if (AP_QID_QUEUE(zq->queue->qid) != ap_domain_index)
1237 spin_lock(&zq->queue->lock);
1238 pendingq_count += zq->queue->pendingq_count;
1239 spin_unlock(&zq->queue->lock);
1243 spin_unlock(&zcrypt_list_lock);
1244 return pendingq_count;
1247 static int zcrypt_requestq_count(void)
1249 struct zcrypt_card *zc;
1250 struct zcrypt_queue *zq;
1254 spin_lock(&zcrypt_list_lock);
1256 for_each_zcrypt_card(zc) {
1257 for_each_zcrypt_queue(zq, zc) {
1258 if (AP_QID_QUEUE(zq->queue->qid) != ap_domain_index)
1260 spin_lock(&zq->queue->lock);
1261 requestq_count += zq->queue->requestq_count;
1262 spin_unlock(&zq->queue->lock);
1266 spin_unlock(&zcrypt_list_lock);
1267 return requestq_count;
1270 static long zcrypt_unlocked_ioctl(struct file *filp, unsigned int cmd,
1274 struct ap_perms *perms =
1275 (struct ap_perms *) filp->private_data;
1277 rc = zcrypt_check_ioctl(perms, cmd);
1282 case ICARSAMODEXPO: {
1283 struct ica_rsa_modexpo __user *umex = (void __user *) arg;
1284 struct ica_rsa_modexpo mex;
1286 if (copy_from_user(&mex, umex, sizeof(mex)))
1289 rc = zcrypt_rsa_modexpo(perms, &mex);
1290 } while (rc == -EAGAIN);
1291 /* on failure: retry once again after a requested rescan */
1292 if ((rc == -ENODEV) && (zcrypt_process_rescan()))
1294 rc = zcrypt_rsa_modexpo(perms, &mex);
1295 } while (rc == -EAGAIN);
1297 ZCRYPT_DBF(DBF_DEBUG, "ioctl ICARSAMODEXPO rc=%d\n", rc);
1300 return put_user(mex.outputdatalength, &umex->outputdatalength);
1303 struct ica_rsa_modexpo_crt __user *ucrt = (void __user *) arg;
1304 struct ica_rsa_modexpo_crt crt;
1306 if (copy_from_user(&crt, ucrt, sizeof(crt)))
1309 rc = zcrypt_rsa_crt(perms, &crt);
1310 } while (rc == -EAGAIN);
1311 /* on failure: retry once again after a requested rescan */
1312 if ((rc == -ENODEV) && (zcrypt_process_rescan()))
1314 rc = zcrypt_rsa_crt(perms, &crt);
1315 } while (rc == -EAGAIN);
1317 ZCRYPT_DBF(DBF_DEBUG, "ioctl ICARSACRT rc=%d\n", rc);
1320 return put_user(crt.outputdatalength, &ucrt->outputdatalength);
1322 case ZSECSENDCPRB: {
1323 struct ica_xcRB __user *uxcRB = (void __user *) arg;
1324 struct ica_xcRB xcRB;
1326 if (copy_from_user(&xcRB, uxcRB, sizeof(xcRB)))
1329 rc = _zcrypt_send_cprb(perms, &xcRB);
1330 } while (rc == -EAGAIN);
1331 /* on failure: retry once again after a requested rescan */
1332 if ((rc == -ENODEV) && (zcrypt_process_rescan()))
1334 rc = _zcrypt_send_cprb(perms, &xcRB);
1335 } while (rc == -EAGAIN);
1337 ZCRYPT_DBF(DBF_DEBUG, "ioctl ZSENDCPRB rc=%d status=0x%x\n",
1339 if (copy_to_user(uxcRB, &xcRB, sizeof(xcRB)))
1343 case ZSENDEP11CPRB: {
1344 struct ep11_urb __user *uxcrb = (void __user *)arg;
1345 struct ep11_urb xcrb;
1347 if (copy_from_user(&xcrb, uxcrb, sizeof(xcrb)))
1350 rc = zcrypt_send_ep11_cprb(perms, &xcrb);
1351 } while (rc == -EAGAIN);
1352 /* on failure: retry once again after a requested rescan */
1353 if ((rc == -ENODEV) && (zcrypt_process_rescan()))
1355 rc = zcrypt_send_ep11_cprb(perms, &xcrb);
1356 } while (rc == -EAGAIN);
1358 ZCRYPT_DBF(DBF_DEBUG, "ioctl ZSENDEP11CPRB rc=%d\n", rc);
1359 if (copy_to_user(uxcrb, &xcrb, sizeof(xcrb)))
1363 case ZCRYPT_DEVICE_STATUS: {
1364 struct zcrypt_device_status_ext *device_status;
1365 size_t total_size = MAX_ZDEV_ENTRIES_EXT
1366 * sizeof(struct zcrypt_device_status_ext);
1368 device_status = kzalloc(total_size, GFP_KERNEL);
1371 zcrypt_device_status_mask_ext(device_status);
1372 if (copy_to_user((char __user *) arg, device_status,
1375 kfree(device_status);
1378 case ZCRYPT_STATUS_MASK: {
1379 char status[AP_DEVICES];
1381 zcrypt_status_mask(status, AP_DEVICES);
1382 if (copy_to_user((char __user *) arg, status, sizeof(status)))
1386 case ZCRYPT_QDEPTH_MASK: {
1387 char qdepth[AP_DEVICES];
1389 zcrypt_qdepth_mask(qdepth, AP_DEVICES);
1390 if (copy_to_user((char __user *) arg, qdepth, sizeof(qdepth)))
1394 case ZCRYPT_PERDEV_REQCNT: {
1397 reqcnt = kcalloc(AP_DEVICES, sizeof(int), GFP_KERNEL);
1400 zcrypt_perdev_reqcnt(reqcnt, AP_DEVICES);
1401 if (copy_to_user((int __user *) arg, reqcnt, sizeof(reqcnt)))
1406 case Z90STAT_REQUESTQ_COUNT:
1407 return put_user(zcrypt_requestq_count(), (int __user *) arg);
1408 case Z90STAT_PENDINGQ_COUNT:
1409 return put_user(zcrypt_pendingq_count(), (int __user *) arg);
1410 case Z90STAT_TOTALOPEN_COUNT:
1411 return put_user(atomic_read(&zcrypt_open_count),
1412 (int __user *) arg);
1413 case Z90STAT_DOMAIN_INDEX:
1414 return put_user(ap_domain_index, (int __user *) arg);
1418 case ZDEVICESTATUS: {
1419 /* the old ioctl supports only 64 adapters */
1420 struct zcrypt_device_status *device_status;
1421 size_t total_size = MAX_ZDEV_ENTRIES
1422 * sizeof(struct zcrypt_device_status);
1424 device_status = kzalloc(total_size, GFP_KERNEL);
1427 zcrypt_device_status_mask(device_status);
1428 if (copy_to_user((char __user *) arg, device_status,
1431 kfree(device_status);
1434 case Z90STAT_STATUS_MASK: {
1435 /* the old ioctl supports only 64 adapters */
1436 char status[MAX_ZDEV_CARDIDS];
1438 zcrypt_status_mask(status, MAX_ZDEV_CARDIDS);
1439 if (copy_to_user((char __user *) arg, status, sizeof(status)))
1443 case Z90STAT_QDEPTH_MASK: {
1444 /* the old ioctl supports only 64 adapters */
1445 char qdepth[MAX_ZDEV_CARDIDS];
1447 zcrypt_qdepth_mask(qdepth, MAX_ZDEV_CARDIDS);
1448 if (copy_to_user((char __user *) arg, qdepth, sizeof(qdepth)))
1452 case Z90STAT_PERDEV_REQCNT: {
1453 /* the old ioctl supports only 64 adapters */
1454 int reqcnt[MAX_ZDEV_CARDIDS];
1456 zcrypt_perdev_reqcnt(reqcnt, MAX_ZDEV_CARDIDS);
1457 if (copy_to_user((int __user *) arg, reqcnt, sizeof(reqcnt)))
1461 /* unknown ioctl number */
1463 ZCRYPT_DBF(DBF_DEBUG, "unknown ioctl 0x%08x\n", cmd);
1464 return -ENOIOCTLCMD;
1468 #ifdef CONFIG_COMPAT
1470 * ioctl32 conversion routines
1472 struct compat_ica_rsa_modexpo {
1473 compat_uptr_t inputdata;
1474 unsigned int inputdatalength;
1475 compat_uptr_t outputdata;
1476 unsigned int outputdatalength;
1477 compat_uptr_t b_key;
1478 compat_uptr_t n_modulus;
1481 static long trans_modexpo32(struct ap_perms *perms, struct file *filp,
1482 unsigned int cmd, unsigned long arg)
1484 struct compat_ica_rsa_modexpo __user *umex32 = compat_ptr(arg);
1485 struct compat_ica_rsa_modexpo mex32;
1486 struct ica_rsa_modexpo mex64;
1489 if (copy_from_user(&mex32, umex32, sizeof(mex32)))
1491 mex64.inputdata = compat_ptr(mex32.inputdata);
1492 mex64.inputdatalength = mex32.inputdatalength;
1493 mex64.outputdata = compat_ptr(mex32.outputdata);
1494 mex64.outputdatalength = mex32.outputdatalength;
1495 mex64.b_key = compat_ptr(mex32.b_key);
1496 mex64.n_modulus = compat_ptr(mex32.n_modulus);
1498 rc = zcrypt_rsa_modexpo(perms, &mex64);
1499 } while (rc == -EAGAIN);
1500 /* on failure: retry once again after a requested rescan */
1501 if ((rc == -ENODEV) && (zcrypt_process_rescan()))
1503 rc = zcrypt_rsa_modexpo(perms, &mex64);
1504 } while (rc == -EAGAIN);
1507 return put_user(mex64.outputdatalength,
1508 &umex32->outputdatalength);
1511 struct compat_ica_rsa_modexpo_crt {
1512 compat_uptr_t inputdata;
1513 unsigned int inputdatalength;
1514 compat_uptr_t outputdata;
1515 unsigned int outputdatalength;
1516 compat_uptr_t bp_key;
1517 compat_uptr_t bq_key;
1518 compat_uptr_t np_prime;
1519 compat_uptr_t nq_prime;
1520 compat_uptr_t u_mult_inv;
1523 static long trans_modexpo_crt32(struct ap_perms *perms, struct file *filp,
1524 unsigned int cmd, unsigned long arg)
1526 struct compat_ica_rsa_modexpo_crt __user *ucrt32 = compat_ptr(arg);
1527 struct compat_ica_rsa_modexpo_crt crt32;
1528 struct ica_rsa_modexpo_crt crt64;
1531 if (copy_from_user(&crt32, ucrt32, sizeof(crt32)))
1533 crt64.inputdata = compat_ptr(crt32.inputdata);
1534 crt64.inputdatalength = crt32.inputdatalength;
1535 crt64.outputdata = compat_ptr(crt32.outputdata);
1536 crt64.outputdatalength = crt32.outputdatalength;
1537 crt64.bp_key = compat_ptr(crt32.bp_key);
1538 crt64.bq_key = compat_ptr(crt32.bq_key);
1539 crt64.np_prime = compat_ptr(crt32.np_prime);
1540 crt64.nq_prime = compat_ptr(crt32.nq_prime);
1541 crt64.u_mult_inv = compat_ptr(crt32.u_mult_inv);
1543 rc = zcrypt_rsa_crt(perms, &crt64);
1544 } while (rc == -EAGAIN);
1545 /* on failure: retry once again after a requested rescan */
1546 if ((rc == -ENODEV) && (zcrypt_process_rescan()))
1548 rc = zcrypt_rsa_crt(perms, &crt64);
1549 } while (rc == -EAGAIN);
1552 return put_user(crt64.outputdatalength,
1553 &ucrt32->outputdatalength);
1556 struct compat_ica_xcRB {
1557 unsigned short agent_ID;
1558 unsigned int user_defined;
1559 unsigned short request_ID;
1560 unsigned int request_control_blk_length;
1561 unsigned char padding1[16 - sizeof(compat_uptr_t)];
1562 compat_uptr_t request_control_blk_addr;
1563 unsigned int request_data_length;
1564 char padding2[16 - sizeof(compat_uptr_t)];
1565 compat_uptr_t request_data_address;
1566 unsigned int reply_control_blk_length;
1567 char padding3[16 - sizeof(compat_uptr_t)];
1568 compat_uptr_t reply_control_blk_addr;
1569 unsigned int reply_data_length;
1570 char padding4[16 - sizeof(compat_uptr_t)];
1571 compat_uptr_t reply_data_addr;
1572 unsigned short priority_window;
1573 unsigned int status;
1576 static long trans_xcRB32(struct ap_perms *perms, struct file *filp,
1577 unsigned int cmd, unsigned long arg)
1579 struct compat_ica_xcRB __user *uxcRB32 = compat_ptr(arg);
1580 struct compat_ica_xcRB xcRB32;
1581 struct ica_xcRB xcRB64;
1584 if (copy_from_user(&xcRB32, uxcRB32, sizeof(xcRB32)))
1586 xcRB64.agent_ID = xcRB32.agent_ID;
1587 xcRB64.user_defined = xcRB32.user_defined;
1588 xcRB64.request_ID = xcRB32.request_ID;
1589 xcRB64.request_control_blk_length =
1590 xcRB32.request_control_blk_length;
1591 xcRB64.request_control_blk_addr =
1592 compat_ptr(xcRB32.request_control_blk_addr);
1593 xcRB64.request_data_length =
1594 xcRB32.request_data_length;
1595 xcRB64.request_data_address =
1596 compat_ptr(xcRB32.request_data_address);
1597 xcRB64.reply_control_blk_length =
1598 xcRB32.reply_control_blk_length;
1599 xcRB64.reply_control_blk_addr =
1600 compat_ptr(xcRB32.reply_control_blk_addr);
1601 xcRB64.reply_data_length = xcRB32.reply_data_length;
1602 xcRB64.reply_data_addr =
1603 compat_ptr(xcRB32.reply_data_addr);
1604 xcRB64.priority_window = xcRB32.priority_window;
1605 xcRB64.status = xcRB32.status;
1607 rc = _zcrypt_send_cprb(perms, &xcRB64);
1608 } while (rc == -EAGAIN);
1609 /* on failure: retry once again after a requested rescan */
1610 if ((rc == -ENODEV) && (zcrypt_process_rescan()))
1612 rc = _zcrypt_send_cprb(perms, &xcRB64);
1613 } while (rc == -EAGAIN);
1614 xcRB32.reply_control_blk_length = xcRB64.reply_control_blk_length;
1615 xcRB32.reply_data_length = xcRB64.reply_data_length;
1616 xcRB32.status = xcRB64.status;
1617 if (copy_to_user(uxcRB32, &xcRB32, sizeof(xcRB32)))
1622 static long zcrypt_compat_ioctl(struct file *filp, unsigned int cmd,
1626 struct ap_perms *perms =
1627 (struct ap_perms *) filp->private_data;
1629 rc = zcrypt_check_ioctl(perms, cmd);
1633 if (cmd == ICARSAMODEXPO)
1634 return trans_modexpo32(perms, filp, cmd, arg);
1635 if (cmd == ICARSACRT)
1636 return trans_modexpo_crt32(perms, filp, cmd, arg);
1637 if (cmd == ZSECSENDCPRB)
1638 return trans_xcRB32(perms, filp, cmd, arg);
1639 return zcrypt_unlocked_ioctl(filp, cmd, arg);
1644 * Misc device file operations.
1646 static const struct file_operations zcrypt_fops = {
1647 .owner = THIS_MODULE,
1648 .read = zcrypt_read,
1649 .write = zcrypt_write,
1650 .unlocked_ioctl = zcrypt_unlocked_ioctl,
1651 #ifdef CONFIG_COMPAT
1652 .compat_ioctl = zcrypt_compat_ioctl,
1654 .open = zcrypt_open,
1655 .release = zcrypt_release,
1656 .llseek = no_llseek,
1662 static struct miscdevice zcrypt_misc_device = {
1663 .minor = MISC_DYNAMIC_MINOR,
1665 .fops = &zcrypt_fops,
1668 static int zcrypt_rng_device_count;
1669 static u32 *zcrypt_rng_buffer;
1670 static int zcrypt_rng_buffer_index;
1671 static DEFINE_MUTEX(zcrypt_rng_mutex);
1673 static int zcrypt_rng_data_read(struct hwrng *rng, u32 *data)
1678 * We don't need locking here because the RNG API guarantees serialized
1679 * read method calls.
1681 if (zcrypt_rng_buffer_index == 0) {
1682 rc = zcrypt_rng((char *) zcrypt_rng_buffer);
1683 /* on failure: retry once again after a requested rescan */
1684 if ((rc == -ENODEV) && (zcrypt_process_rescan()))
1685 rc = zcrypt_rng((char *) zcrypt_rng_buffer);
1688 zcrypt_rng_buffer_index = rc / sizeof(*data);
1690 *data = zcrypt_rng_buffer[--zcrypt_rng_buffer_index];
1691 return sizeof(*data);
1694 static struct hwrng zcrypt_rng_dev = {
1696 .data_read = zcrypt_rng_data_read,
1700 int zcrypt_rng_device_add(void)
1704 mutex_lock(&zcrypt_rng_mutex);
1705 if (zcrypt_rng_device_count == 0) {
1706 zcrypt_rng_buffer = (u32 *) get_zeroed_page(GFP_KERNEL);
1707 if (!zcrypt_rng_buffer) {
1711 zcrypt_rng_buffer_index = 0;
1712 if (!zcrypt_hwrng_seed)
1713 zcrypt_rng_dev.quality = 0;
1714 rc = hwrng_register(&zcrypt_rng_dev);
1717 zcrypt_rng_device_count = 1;
1719 zcrypt_rng_device_count++;
1720 mutex_unlock(&zcrypt_rng_mutex);
1724 free_page((unsigned long) zcrypt_rng_buffer);
1726 mutex_unlock(&zcrypt_rng_mutex);
1730 void zcrypt_rng_device_remove(void)
1732 mutex_lock(&zcrypt_rng_mutex);
1733 zcrypt_rng_device_count--;
1734 if (zcrypt_rng_device_count == 0) {
1735 hwrng_unregister(&zcrypt_rng_dev);
1736 free_page((unsigned long) zcrypt_rng_buffer);
1738 mutex_unlock(&zcrypt_rng_mutex);
1741 int __init zcrypt_debug_init(void)
1743 zcrypt_dbf_info = debug_register("zcrypt", 1, 1,
1744 DBF_MAX_SPRINTF_ARGS * sizeof(long));
1745 debug_register_view(zcrypt_dbf_info, &debug_sprintf_view);
1746 debug_set_level(zcrypt_dbf_info, DBF_ERR);
1751 void zcrypt_debug_exit(void)
1753 debug_unregister(zcrypt_dbf_info);
1756 #ifdef CONFIG_ZCRYPT_MULTIDEVNODES
1758 static int __init zcdn_init(void)
1762 /* create a new class 'zcrypt' */
1763 zcrypt_class = class_create(THIS_MODULE, ZCRYPT_NAME);
1764 if (IS_ERR(zcrypt_class)) {
1765 rc = PTR_ERR(zcrypt_class);
1766 goto out_class_create_failed;
1768 zcrypt_class->dev_release = zcdn_device_release;
1770 /* alloc device minor range */
1771 rc = alloc_chrdev_region(&zcrypt_devt,
1772 0, ZCRYPT_MAX_MINOR_NODES,
1775 goto out_alloc_chrdev_failed;
1777 cdev_init(&zcrypt_cdev, &zcrypt_fops);
1778 zcrypt_cdev.owner = THIS_MODULE;
1779 rc = cdev_add(&zcrypt_cdev, zcrypt_devt, ZCRYPT_MAX_MINOR_NODES);
1781 goto out_cdev_add_failed;
1783 /* need some class specific sysfs attributes */
1784 rc = class_create_file(zcrypt_class, &class_attr_zcdn_create);
1786 goto out_class_create_file_1_failed;
1787 rc = class_create_file(zcrypt_class, &class_attr_zcdn_destroy);
1789 goto out_class_create_file_2_failed;
1793 out_class_create_file_2_failed:
1794 class_remove_file(zcrypt_class, &class_attr_zcdn_create);
1795 out_class_create_file_1_failed:
1796 cdev_del(&zcrypt_cdev);
1797 out_cdev_add_failed:
1798 unregister_chrdev_region(zcrypt_devt, ZCRYPT_MAX_MINOR_NODES);
1799 out_alloc_chrdev_failed:
1800 class_destroy(zcrypt_class);
1801 out_class_create_failed:
1805 static void zcdn_exit(void)
1807 class_remove_file(zcrypt_class, &class_attr_zcdn_create);
1808 class_remove_file(zcrypt_class, &class_attr_zcdn_destroy);
1810 cdev_del(&zcrypt_cdev);
1811 unregister_chrdev_region(zcrypt_devt, ZCRYPT_MAX_MINOR_NODES);
1812 class_destroy(zcrypt_class);
1818 * zcrypt_api_init(): Module initialization.
1820 * The module initialization code.
1822 int __init zcrypt_api_init(void)
1826 rc = zcrypt_debug_init();
1830 #ifdef CONFIG_ZCRYPT_MULTIDEVNODES
1836 /* Register the request sprayer. */
1837 rc = misc_register(&zcrypt_misc_device);
1839 goto out_misc_register_failed;
1841 zcrypt_msgtype6_init();
1842 zcrypt_msgtype50_init();
1846 out_misc_register_failed:
1847 #ifdef CONFIG_ZCRYPT_MULTIDEVNODES
1850 zcrypt_debug_exit();
1856 * zcrypt_api_exit(): Module termination.
1858 * The module termination code.
1860 void __exit zcrypt_api_exit(void)
1862 #ifdef CONFIG_ZCRYPT_MULTIDEVNODES
1865 misc_deregister(&zcrypt_misc_device);
1866 zcrypt_msgtype6_exit();
1867 zcrypt_msgtype50_exit();
1868 zcrypt_debug_exit();
1871 module_init(zcrypt_api_init);
1872 module_exit(zcrypt_api_exit);