Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
zcrypt_pcicc.c
Go to the documentation of this file.
1 /*
2  * zcrypt 2.1.0
3  *
4  * Copyright IBM Corp. 2001, 2006
5  * Author(s): Robert Burroughs
6  * Eric Rossman ([email protected])
7  *
8  * Hotplug & misc device support: Jochen Roehrig ([email protected])
9  * Major cleanup & driver split: Martin Schwidefsky <[email protected]>
10  * Ralph Wuerthner <[email protected]>
11  *
12  * This program is free software; you can redistribute it and/or modify
13  * it under the terms of the GNU General Public License as published by
14  * the Free Software Foundation; either version 2, or (at your option)
15  * any later version.
16  *
17  * This program is distributed in the hope that it will be useful,
18  * but WITHOUT ANY WARRANTY; without even the implied warranty of
19  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20  * GNU General Public License for more details.
21  *
22  * You should have received a copy of the GNU General Public License
23  * along with this program; if not, write to the Free Software
24  * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25  */
26 
27 #include <linux/module.h>
28 #include <linux/init.h>
29 #include <linux/gfp.h>
30 #include <linux/err.h>
31 #include <linux/atomic.h>
32 #include <asm/uaccess.h>
33 
34 #include "ap_bus.h"
35 #include "zcrypt_api.h"
36 #include "zcrypt_error.h"
37 #include "zcrypt_pcicc.h"
38 #include "zcrypt_cca_key.h"
39 
40 #define PCICC_MIN_MOD_SIZE 64 /* 512 bits */
41 #define PCICC_MAX_MOD_SIZE_OLD 128 /* 1024 bits */
42 #define PCICC_MAX_MOD_SIZE 256 /* 2048 bits */
43 
44 /*
45  * PCICC cards need a speed rating of 0. This keeps them at the end of
46  * the zcrypt device list (see zcrypt_api.c). PCICC cards are only
47  * used if no other cards are present because they are slow and can only
48  * cope with PKCS12 padded requests. The logic is queer. PKCS11 padded
49  * requests are rejected. The modexpo function encrypts PKCS12 padded data
50  * and decrypts any non-PKCS12 padded data (except PKCS11) in the assumption
51  * that it's encrypted PKCS12 data. The modexpo_crt function always decrypts
52  * the data in the assumption that its PKCS12 encrypted data.
53  */
54 #define PCICC_SPEED_RATING 0
55 
56 #define PCICC_MAX_MESSAGE_SIZE 0x710 /* max size type6 v1 crt message */
57 #define PCICC_MAX_RESPONSE_SIZE 0x710 /* max size type86 v1 reply */
58 
59 #define PCICC_CLEANUP_TIME (15*HZ)
60 
61 static struct ap_device_id zcrypt_pcicc_ids[] = {
62  { AP_DEVICE(AP_DEVICE_TYPE_PCICC) },
63  { /* end of list */ },
64 };
65 
66 MODULE_DEVICE_TABLE(ap, zcrypt_pcicc_ids);
67 MODULE_AUTHOR("IBM Corporation");
68 MODULE_DESCRIPTION("PCICC Cryptographic Coprocessor device driver, "
69  "Copyright IBM Corp. 2001, 2006");
70 MODULE_LICENSE("GPL");
71 
72 static int zcrypt_pcicc_probe(struct ap_device *ap_dev);
73 static void zcrypt_pcicc_remove(struct ap_device *ap_dev);
74 static void zcrypt_pcicc_receive(struct ap_device *, struct ap_message *,
75  struct ap_message *);
76 
77 static struct ap_driver zcrypt_pcicc_driver = {
78  .probe = zcrypt_pcicc_probe,
79  .remove = zcrypt_pcicc_remove,
80  .ids = zcrypt_pcicc_ids,
81  .request_timeout = PCICC_CLEANUP_TIME,
82 };
83 
97 static struct CPRB static_cprb = {
98  .cprb_len = __constant_cpu_to_le16(0x0070),
99  .cprb_ver_id = 0x41,
100  .func_id = {0x54,0x32},
101  .checkpoint_flag= 0x01,
102  .svr_namel = __constant_cpu_to_le16(0x0008),
103  .svr_name = {'I','C','S','F',' ',' ',' ',' '}
104 };
105 
109 static inline int is_PKCS11_padded(unsigned char *buffer, int length)
110 {
111  int i;
112  if ((buffer[0] != 0x00) || (buffer[1] != 0x01))
113  return 0;
114  for (i = 2; i < length; i++)
115  if (buffer[i] != 0xFF)
116  break;
117  if (i < 10 || i == length)
118  return 0;
119  if (buffer[i] != 0x00)
120  return 0;
121  return 1;
122 }
123 
127 static inline int is_PKCS12_padded(unsigned char *buffer, int length)
128 {
129  int i;
130  if ((buffer[0] != 0x00) || (buffer[1] != 0x02))
131  return 0;
132  for (i = 2; i < length; i++)
133  if (buffer[i] == 0x00)
134  break;
135  if ((i < 10) || (i == length))
136  return 0;
137  if (buffer[i] != 0x00)
138  return 0;
139  return 1;
140 }
141 
151 static int ICAMEX_msg_to_type6MEX_msg(struct zcrypt_device *zdev,
152  struct ap_message *ap_msg,
153  struct ica_rsa_modexpo *mex)
154 {
155  static struct type6_hdr static_type6_hdr = {
156  .type = 0x06,
157  .offset1 = 0x00000058,
158  .agent_id = {0x01,0x00,0x43,0x43,0x41,0x2D,0x41,0x50,
159  0x50,0x4C,0x20,0x20,0x20,0x01,0x01,0x01},
160  .function_code = {'P','K'},
161  };
162  static struct function_and_rules_block static_pke_function_and_rules ={
163  .function_code = {'P','K'},
164  .ulen = __constant_cpu_to_le16(10),
165  .only_rule = {'P','K','C','S','-','1','.','2'}
166  };
167  struct {
168  struct type6_hdr hdr;
169  struct CPRB cprb;
170  struct function_and_rules_block fr;
171  unsigned short length;
172  char text[0];
173  } __attribute__((packed)) *msg = ap_msg->message;
174  int vud_len, pad_len, size;
175 
176  /* VUD.ciphertext */
177  if (copy_from_user(msg->text, mex->inputdata, mex->inputdatalength))
178  return -EFAULT;
179 
180  if (is_PKCS11_padded(msg->text, mex->inputdatalength))
181  return -EINVAL;
182 
183  /* static message header and f&r */
184  msg->hdr = static_type6_hdr;
185  msg->fr = static_pke_function_and_rules;
186 
187  if (is_PKCS12_padded(msg->text, mex->inputdatalength)) {
188  /* strip the padding and adjust the data length */
189  pad_len = strnlen(msg->text + 2, mex->inputdatalength - 2) + 3;
190  if (pad_len <= 9 || pad_len >= mex->inputdatalength)
191  return -ENODEV;
192  vud_len = mex->inputdatalength - pad_len;
193  memmove(msg->text, msg->text + pad_len, vud_len);
194  msg->length = cpu_to_le16(vud_len + 2);
195 
196  /* Set up key after the variable length text. */
197  size = zcrypt_type6_mex_key_en(mex, msg->text + vud_len, 0);
198  if (size < 0)
199  return size;
200  size += sizeof(*msg) + vud_len; /* total size of msg */
201  } else {
202  vud_len = mex->inputdatalength;
203  msg->length = cpu_to_le16(2 + vud_len);
204 
205  msg->hdr.function_code[1] = 'D';
206  msg->fr.function_code[1] = 'D';
207 
208  /* Set up key after the variable length text. */
209  size = zcrypt_type6_mex_key_de(mex, msg->text + vud_len, 0);
210  if (size < 0)
211  return size;
212  size += sizeof(*msg) + vud_len; /* total size of msg */
213  }
214 
215  /* message header, cprb and f&r */
216  msg->hdr.ToCardLen1 = (size - sizeof(msg->hdr) + 3) & -4;
217  msg->hdr.FromCardLen1 = PCICC_MAX_RESPONSE_SIZE - sizeof(msg->hdr);
218 
219  msg->cprb = static_cprb;
220  msg->cprb.usage_domain[0]= AP_QID_QUEUE(zdev->ap_dev->qid);
221  msg->cprb.req_parml = cpu_to_le16(size - sizeof(msg->hdr) -
222  sizeof(msg->cprb));
223  msg->cprb.rpl_parml = cpu_to_le16(msg->hdr.FromCardLen1);
224 
225  ap_msg->length = (size + 3) & -4;
226  return 0;
227 }
228 
238 static int ICACRT_msg_to_type6CRT_msg(struct zcrypt_device *zdev,
239  struct ap_message *ap_msg,
240  struct ica_rsa_modexpo_crt *crt)
241 {
242  static struct type6_hdr static_type6_hdr = {
243  .type = 0x06,
244  .offset1 = 0x00000058,
245  .agent_id = {0x01,0x00,0x43,0x43,0x41,0x2D,0x41,0x50,
246  0x50,0x4C,0x20,0x20,0x20,0x01,0x01,0x01},
247  .function_code = {'P','D'},
248  };
249  static struct function_and_rules_block static_pkd_function_and_rules ={
250  .function_code = {'P','D'},
251  .ulen = __constant_cpu_to_le16(10),
252  .only_rule = {'P','K','C','S','-','1','.','2'}
253  };
254  struct {
255  struct type6_hdr hdr;
256  struct CPRB cprb;
257  struct function_and_rules_block fr;
258  unsigned short length;
259  char text[0];
260  } __attribute__((packed)) *msg = ap_msg->message;
261  int size;
262 
263  /* VUD.ciphertext */
264  msg->length = cpu_to_le16(2 + crt->inputdatalength);
265  if (copy_from_user(msg->text, crt->inputdata, crt->inputdatalength))
266  return -EFAULT;
267 
268  if (is_PKCS11_padded(msg->text, crt->inputdatalength))
269  return -EINVAL;
270 
271  /* Set up key after the variable length text. */
272  size = zcrypt_type6_crt_key(crt, msg->text + crt->inputdatalength, 0);
273  if (size < 0)
274  return size;
275  size += sizeof(*msg) + crt->inputdatalength; /* total size of msg */
276 
277  /* message header, cprb and f&r */
278  msg->hdr = static_type6_hdr;
279  msg->hdr.ToCardLen1 = (size - sizeof(msg->hdr) + 3) & -4;
280  msg->hdr.FromCardLen1 = PCICC_MAX_RESPONSE_SIZE - sizeof(msg->hdr);
281 
282  msg->cprb = static_cprb;
283  msg->cprb.usage_domain[0] = AP_QID_QUEUE(zdev->ap_dev->qid);
284  msg->cprb.req_parml = msg->cprb.rpl_parml =
285  cpu_to_le16(size - sizeof(msg->hdr) - sizeof(msg->cprb));
286 
287  msg->fr = static_pkd_function_and_rules;
288 
289  ap_msg->length = (size + 3) & -4;
290  return 0;
291 }
292 
303 struct type86_reply {
304  struct type86_hdr hdr;
305  struct type86_fmt2_ext fmt2;
306  struct CPRB cprb;
307  unsigned char pad[4]; /* 4 byte function code/rules block ? */
308  unsigned short length;
309  char text[0];
310 } __attribute__((packed));
311 
312 static int convert_type86(struct zcrypt_device *zdev,
313  struct ap_message *reply,
314  char __user *outputdata,
315  unsigned int outputdatalength)
316 {
317  static unsigned char static_pad[] = {
318  0x00,0x02,
319  0x1B,0x7B,0x5D,0xB5,0x75,0x01,0x3D,0xFD,
320  0x8D,0xD1,0xC7,0x03,0x2D,0x09,0x23,0x57,
321  0x89,0x49,0xB9,0x3F,0xBB,0x99,0x41,0x5B,
322  0x75,0x21,0x7B,0x9D,0x3B,0x6B,0x51,0x39,
323  0xBB,0x0D,0x35,0xB9,0x89,0x0F,0x93,0xA5,
324  0x0B,0x47,0xF1,0xD3,0xBB,0xCB,0xF1,0x9D,
325  0x23,0x73,0x71,0xFF,0xF3,0xF5,0x45,0xFB,
326  0x61,0x29,0x23,0xFD,0xF1,0x29,0x3F,0x7F,
327  0x17,0xB7,0x1B,0xA9,0x19,0xBD,0x57,0xA9,
328  0xD7,0x95,0xA3,0xCB,0xED,0x1D,0xDB,0x45,
329  0x7D,0x11,0xD1,0x51,0x1B,0xED,0x71,0xE9,
330  0xB1,0xD1,0xAB,0xAB,0x21,0x2B,0x1B,0x9F,
331  0x3B,0x9F,0xF7,0xF7,0xBD,0x63,0xEB,0xAD,
332  0xDF,0xB3,0x6F,0x5B,0xDB,0x8D,0xA9,0x5D,
333  0xE3,0x7D,0x77,0x49,0x47,0xF5,0xA7,0xFD,
334  0xAB,0x2F,0x27,0x35,0x77,0xD3,0x49,0xC9,
335  0x09,0xEB,0xB1,0xF9,0xBF,0x4B,0xCB,0x2B,
336  0xEB,0xEB,0x05,0xFF,0x7D,0xC7,0x91,0x8B,
337  0x09,0x83,0xB9,0xB9,0x69,0x33,0x39,0x6B,
338  0x79,0x75,0x19,0xBF,0xBB,0x07,0x1D,0xBD,
339  0x29,0xBF,0x39,0x95,0x93,0x1D,0x35,0xC7,
340  0xC9,0x4D,0xE5,0x97,0x0B,0x43,0x9B,0xF1,
341  0x16,0x93,0x03,0x1F,0xA5,0xFB,0xDB,0xF3,
342  0x27,0x4F,0x27,0x61,0x05,0x1F,0xB9,0x23,
343  0x2F,0xC3,0x81,0xA9,0x23,0x71,0x55,0x55,
344  0xEB,0xED,0x41,0xE5,0xF3,0x11,0xF1,0x43,
345  0x69,0x03,0xBD,0x0B,0x37,0x0F,0x51,0x8F,
346  0x0B,0xB5,0x89,0x5B,0x67,0xA9,0xD9,0x4F,
347  0x01,0xF9,0x21,0x77,0x37,0x73,0x79,0xC5,
348  0x7F,0x51,0xC1,0xCF,0x97,0xA1,0x75,0xAD,
349  0x35,0x9D,0xD3,0xD3,0xA7,0x9D,0x5D,0x41,
350  0x6F,0x65,0x1B,0xCF,0xA9,0x87,0x91,0x09
351  };
352  struct type86_reply *msg = reply->message;
353  unsigned short service_rc, service_rs;
354  unsigned int reply_len, pad_len;
355  char *data;
356 
357  service_rc = le16_to_cpu(msg->cprb.ccp_rtcode);
358  if (unlikely(service_rc != 0)) {
359  service_rs = le16_to_cpu(msg->cprb.ccp_rscode);
360  if (service_rc == 8 && service_rs == 66)
361  return -EINVAL;
362  if (service_rc == 8 && service_rs == 65)
363  return -EINVAL;
364  if (service_rc == 8 && service_rs == 770) {
365  zdev->max_mod_size = PCICC_MAX_MOD_SIZE_OLD;
366  return -EAGAIN;
367  }
368  if (service_rc == 8 && service_rs == 783) {
369  zdev->max_mod_size = PCICC_MAX_MOD_SIZE_OLD;
370  return -EAGAIN;
371  }
372  if (service_rc == 8 && service_rs == 72)
373  return -EINVAL;
374  zdev->online = 0;
375  return -EAGAIN; /* repeat the request on a different device. */
376  }
377  data = msg->text;
378  reply_len = le16_to_cpu(msg->length) - 2;
379  if (reply_len > outputdatalength)
380  return -EINVAL;
381  /*
382  * For all encipher requests, the length of the ciphertext (reply_len)
383  * will always equal the modulus length. For MEX decipher requests
384  * the output needs to get padded. Minimum pad size is 10.
385  *
386  * Currently, the cases where padding will be added is for:
387  * - PCIXCC_MCL2 using a CRT form token (since PKD didn't support
388  * ZERO-PAD and CRT is only supported for PKD requests)
389  * - PCICC, always
390  */
391  pad_len = outputdatalength - reply_len;
392  if (pad_len > 0) {
393  if (pad_len < 10)
394  return -EINVAL;
395  /* 'restore' padding left in the PCICC/PCIXCC card. */
396  if (copy_to_user(outputdata, static_pad, pad_len - 1))
397  return -EFAULT;
398  if (put_user(0, outputdata + pad_len - 1))
399  return -EFAULT;
400  }
401  /* Copy the crypto response to user space. */
402  if (copy_to_user(outputdata + pad_len, data, reply_len))
403  return -EFAULT;
404  return 0;
405 }
406 
407 static int convert_response(struct zcrypt_device *zdev,
408  struct ap_message *reply,
409  char __user *outputdata,
410  unsigned int outputdatalength)
411 {
412  struct type86_reply *msg = reply->message;
413 
414  /* Response type byte is the second byte in the response. */
415  switch (msg->hdr.type) {
416  case TYPE82_RSP_CODE:
417  case TYPE88_RSP_CODE:
418  return convert_error(zdev, reply);
419  case TYPE86_RSP_CODE:
420  if (msg->hdr.reply_code)
421  return convert_error(zdev, reply);
422  if (msg->cprb.cprb_ver_id == 0x01)
423  return convert_type86(zdev, reply,
424  outputdata, outputdatalength);
425  /* no break, incorrect cprb version is an unknown response */
426  default: /* Unknown response type, this should NEVER EVER happen */
427  zdev->online = 0;
428  return -EAGAIN; /* repeat the request on a different device. */
429  }
430 }
431 
440 static void zcrypt_pcicc_receive(struct ap_device *ap_dev,
441  struct ap_message *msg,
442  struct ap_message *reply)
443 {
444  static struct error_hdr error_reply = {
445  .type = TYPE82_RSP_CODE,
446  .reply_code = REP82_ERROR_MACHINE_FAILURE,
447  };
448  struct type86_reply *t86r;
449  int length;
450 
451  /* Copy the reply message to the request message buffer. */
452  if (IS_ERR(reply)) {
453  memcpy(msg->message, &error_reply, sizeof(error_reply));
454  goto out;
455  }
456  t86r = reply->message;
457  if (t86r->hdr.type == TYPE86_RSP_CODE &&
458  t86r->cprb.cprb_ver_id == 0x01) {
459  length = sizeof(struct type86_reply) + t86r->length - 2;
460  length = min(PCICC_MAX_RESPONSE_SIZE, length);
461  memcpy(msg->message, reply->message, length);
462  } else
463  memcpy(msg->message, reply->message, sizeof error_reply);
464 out:
465  complete((struct completion *) msg->private);
466 }
467 
468 static atomic_t zcrypt_step = ATOMIC_INIT(0);
469 
477 static long zcrypt_pcicc_modexpo(struct zcrypt_device *zdev,
478  struct ica_rsa_modexpo *mex)
479 {
480  struct ap_message ap_msg;
481  struct completion work;
482  int rc;
483 
484  ap_init_message(&ap_msg);
485  ap_msg.message = (void *) get_zeroed_page(GFP_KERNEL);
486  if (!ap_msg.message)
487  return -ENOMEM;
488  ap_msg.receive = zcrypt_pcicc_receive;
489  ap_msg.length = PAGE_SIZE;
490  ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
491  atomic_inc_return(&zcrypt_step);
492  ap_msg.private = &work;
493  rc = ICAMEX_msg_to_type6MEX_msg(zdev, &ap_msg, mex);
494  if (rc)
495  goto out_free;
496  init_completion(&work);
497  ap_queue_message(zdev->ap_dev, &ap_msg);
498  rc = wait_for_completion_interruptible(&work);
499  if (rc == 0)
500  rc = convert_response(zdev, &ap_msg, mex->outputdata,
501  mex->outputdatalength);
502  else
503  /* Signal pending. */
504  ap_cancel_message(zdev->ap_dev, &ap_msg);
505 out_free:
506  free_page((unsigned long) ap_msg.message);
507  return rc;
508 }
509 
517 static long zcrypt_pcicc_modexpo_crt(struct zcrypt_device *zdev,
518  struct ica_rsa_modexpo_crt *crt)
519 {
520  struct ap_message ap_msg;
521  struct completion work;
522  int rc;
523 
524  ap_init_message(&ap_msg);
525  ap_msg.message = (void *) get_zeroed_page(GFP_KERNEL);
526  if (!ap_msg.message)
527  return -ENOMEM;
528  ap_msg.receive = zcrypt_pcicc_receive;
529  ap_msg.length = PAGE_SIZE;
530  ap_msg.psmid = (((unsigned long long) current->pid) << 32) +
531  atomic_inc_return(&zcrypt_step);
532  ap_msg.private = &work;
533  rc = ICACRT_msg_to_type6CRT_msg(zdev, &ap_msg, crt);
534  if (rc)
535  goto out_free;
536  init_completion(&work);
537  ap_queue_message(zdev->ap_dev, &ap_msg);
538  rc = wait_for_completion_interruptible(&work);
539  if (rc == 0)
540  rc = convert_response(zdev, &ap_msg, crt->outputdata,
541  crt->outputdatalength);
542  else
543  /* Signal pending. */
544  ap_cancel_message(zdev->ap_dev, &ap_msg);
545 out_free:
546  free_page((unsigned long) ap_msg.message);
547  return rc;
548 }
549 
553 static struct zcrypt_ops zcrypt_pcicc_ops = {
554  .rsa_modexpo = zcrypt_pcicc_modexpo,
555  .rsa_modexpo_crt = zcrypt_pcicc_modexpo_crt,
556 };
557 
563 static int zcrypt_pcicc_probe(struct ap_device *ap_dev)
564 {
565  struct zcrypt_device *zdev;
566  int rc;
567 
568  zdev = zcrypt_device_alloc(PCICC_MAX_RESPONSE_SIZE);
569  if (!zdev)
570  return -ENOMEM;
571  zdev->ap_dev = ap_dev;
572  zdev->ops = &zcrypt_pcicc_ops;
573  zdev->online = 1;
574  zdev->user_space_type = ZCRYPT_PCICC;
575  zdev->type_string = "PCICC";
576  zdev->min_mod_size = PCICC_MIN_MOD_SIZE;
577  zdev->max_mod_size = PCICC_MAX_MOD_SIZE;
578  zdev->speed_rating = PCICC_SPEED_RATING;
579  zdev->max_exp_bit_length = PCICC_MAX_MOD_SIZE;
580  ap_dev->reply = &zdev->reply;
581  ap_dev->private = zdev;
582  rc = zcrypt_device_register(zdev);
583  if (rc)
584  goto out_free;
585  return 0;
586 
587  out_free:
588  ap_dev->private = NULL;
589  zcrypt_device_free(zdev);
590  return rc;
591 }
592 
597 static void zcrypt_pcicc_remove(struct ap_device *ap_dev)
598 {
599  struct zcrypt_device *zdev = ap_dev->private;
600 
601  zcrypt_device_unregister(zdev);
602 }
603 
604 int __init zcrypt_pcicc_init(void)
605 {
606  return ap_driver_register(&zcrypt_pcicc_driver, THIS_MODULE, "pcicc");
607 }
608 
609 void zcrypt_pcicc_exit(void)
610 {
611  ap_driver_unregister(&zcrypt_pcicc_driver);
612 }
613 
614 module_init(zcrypt_pcicc_init);
615 module_exit(zcrypt_pcicc_exit);
Generated on Thu Jan 10 2013 14:18:02 for Linux Kernel by   doxygen 1.8.2